How to add JWT authorization with Auth0 to a serverless API

Link to chapter —

How can I retrieve the user object from auth0 on the lambda side of the API? As far as I can see, I only have the JWT scopes and payload.

You’ll need to fetch it making a GET call to the /userinfo endpoint, forwarding your bearer token in the authorization header.

curl --url -H "Authorization: Bearer YOUR_TOKEN"

If you also need to get the user_metadata and/or app_metadata, here is how you can achieve that: Auth0: how to include app_metadata in user info

Why are arrays converted to strings without comma delimitation when the JWT is decoded?