Tokens used by Auth0

Learn about the types of tokens referenced in Auth0 documentation, what each is used for and how to use it.

Auth0 uses two formats for tokens:

  • JSON Web Token (JWT): Tokens that conform to the JSON Web Token standard and contain information about an entity in the form of claims. They are self-contained in that it is not necessary for the recipient to call a server to validate the token.
  • Opaque tokens: Tokens in a proprietary format that typically contain some identifier to information in a server’s persistent storage. To validate an opaque token, the recipient of the token needs to call the server that issued the token.

There are five primary tokens used in Auth0's token-based authentication scenarios and referenced in Auth0 documentation.