I have set up a CustomGPT with clerk.dev’s custom OAuth flows and CustomGPT’s OAuth form.
I have authenticated successfully with the CustomGPT and I can see the token being sent to my backend server in the Authorization header.
This is all working fine… but my token isn’t a JWT. It doesn’t have the 2 “.” to seperate the parts.
How have people been validating this on the server side?