validate

open suspend override fun validate(accessToken: String, idToken: Jwt)

Validates the accessToken against the at_hash claim in the idToken.

Implementations should throw Error if validation fails, or return normally if the at_hash claim is absent (validation not applicable).

accessToken

the access token string to validate.

idToken

the parsed Jwt containing the at_hash claim.