Hi @Urs_Boller, in that case you first need to remove the web-src/
folder to make your app headless instead of SPA, so that JWT token can
be validated. aio app delete web-assets To test the token, you could
retrieve it from I/O Console, under "Generate JWT token" in your
project, and pass it in the request header to your action, e.g.
`Authorization: Bearer ey1234567890....`.To have the token generation in
action code, you could leverage the Adobe IMS SDK . Please note that,
it's better not to ex...