Question about OIDC plugin

I’ve read and tried to understand the plugin doc as described here.

I’m trying to poc using tyk with Authentication via Okta OIDC using a jwt.
At steps 5,6,7 I would like to know if the plugin performs a token introspection, or simply a jwt signature verification.
Any insight would be appreciated. Thanks.

Hi Stevie

Its just sig validation currently. Although introspection can be done with a plugin like here: custom-plugin-examples/plugins/go-postauth-oauth2_introspection at master · TykTechnologies/custom-plugin-examples · GitHub