So our session management solution issues access tokens that are signed, but they aren't JWTs. So the only way you would want to verify the access token is via our backend SDK's

verifySession

function.