I have a Web API built in node say http://www.api.tasks.com/api
The API is being consumed by a client https://www.todolist.com
var clientID : 'todolist'
var clientSecret : 'todolistsecret'
var authorityUrl = 'https://windows.login.net/myTenant';
var resource = 'taskAPIresource'
How can I validate the Bearer token being sent to the API ( http://www.api.tasks.com/api) by a client (https://www.todolist.com) ?