Cotter Node for validating JWT Tokens in your server: cotter-node
Cotter's Access Token
Cotter's Access token is a JSON Web Tokens (JWTs) that is used to tell your backend API that the user has been authorized to call the API and perform some action (defined in the scopes attribute of the token).
You should not trust this information after it's expired
Cotter's Refresh Token
Cotter's Refresh Token is an opaque token (i.e. a random string) that is used to generate a new access token and id token when they're expired. Refresh tokens expires every 30 days. You need to re-authenticate the user to get a new refresh token. Check the guide on renewing access and id tokens.
If you have additional metadata from your backend server that you'd like to add to the JWT token (for example, the user's role or name, you can call Cotter's API to add the claims to Cotter's JWT token