Question about OIDC plugin

I’ve read and tried to understand the plugin doc as described here.
https://tyk.io/docs/basic-config-and-security/security/authentication-authorization/openid-connect/

I’m trying to poc using tyk with Authentication via Okta OIDC using a jwt.
At steps 5,6,7 I would like to know if the plugin performs a token introspection, or simply a jwt signature verification.
Any insight would be appreciated. Thanks.

Hi Stevie

Its just sig validation currently. Although introspection can be done with a plugin like here: https://github.com/TykTechnologies/custom-plugins/tree/master/plugins/go-postauth-oauth2_introspection