I am learning how to use Auth0 with our Next.js application. Using the nexjs-auth0 SDK. I have successfully authenticated with Auth0 and receive an ID Token and access token (for use against the Auth0 management api). This seems to be the default configuration of things. We have an API we have setup which will use Auth0 authentication as well. What I can't figure out after hours of reading through documentation is how to get an access_token to use against the API.
I keep reading that you don't use an ID Token (profile info) for an API, use an Access Token. In addition it reads to get an Access Token when you authenticate the user(login). I have not been able to figure this out.
I have defined the application and API end point in Auth0. There is a user setup and assigned a role. This role has a few scopes I through on it.
Am I able to get both the ID Token and the access token for our api in the same login call or do I request the API access token after the user is logged in? I am assuming the API access token will be a bearer jwt type-token.