1) The problem → I want to make a small API that can detect if the user is authenticated and can can do specific user operations.

2) Why is this important → From my understanding of JWT I would need the API to take the JWT passed to the API and validate its signature. According to this: https://help.memberstack.com/en/articles/4454690-verifying-memberstack-tokens I have the public key, but will also need the private key as well.

3) What's your plan B →

4) Possible solutions we could build for you →. A way to get a separate? private key, or to share the private key