Configure Your App Server to Verify NAPPS Tokens
In the NAPPS flow, you can optionally have your app server verify the validity of NAPPS tokens that your app passes to it. To do this, your app server will call the Verify NAPPS Token API as highlighted in blue in the flow below:
For example, you can have your app server call the API once when it initially receives the NAPPS token, and then optionally at intervals to do continuous verification.
To be able to call this API, your app server must be registered with OneLogin. For more information, see the appropriate OS-specific doc: Code SSO for Your iOS App Using NAPPS or Code SSO for Your Android App Using NAPPS.
For more information about the API, see Verify NAPPS Token API.