Open
Description
I have been working on implementing token-based authentication using Simple JWT with RSA encryption, and I've come across a few doubts that I'd appreciate your expertise in clarifying. Here are my questions:
- When making a request to the "/api/token/verify/" section of the API, what should be the specific value inserted into the request body for the "token" parameter? Is this value synonymous with the access token?
- If the mentioned value is indeed the access token, could you provide an explanation for why it is necessary to share the paths to public keys with clients?
- Could you provide me with an understanding of the significance of the "/api/token/verify/" section within the context of this scenario? Based on my current understanding, the verification of tokens seems to occur automatically when calling the "api/token/" endpoint to obtain token pairs. Is this correct?