From 77193a209b52bf25c03a0bdce1c84fdcb27279fe Mon Sep 17 00:00:00 2001
From: Darrow Hartman <32019021+Darrow8@users.noreply.github.com>
Date: Tue, 17 Dec 2024 10:00:48 -0800
Subject: [PATCH] Added some common hiccups to auth0 README

---
 README.md | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/README.md b/README.md
index 3aea5149..f2a9d469 100644
--- a/README.md
+++ b/README.md
@@ -493,6 +493,40 @@ try {
 }
 ```
 
+#### Malformed Access Tokens
+
+If a JWT access token returned by `getCredentials()` is malformed, you may have created an *opaque access token*, which is a token without an audience. In your `authorize()` function call be sure to specify `audience: {your audience}` to prevent malformed access tokens. You can find your application's audience in the auth0 webpage under "Applications" -> "APIs" -> "Auth0 Management API". 
+
+#### Prompting Login Page versus Signup Page
+
+If your application has one button for logging in and one button for signing up, you can prompt Auth0 to direct the user to the appropriate authentication page as such:
+
+```
+const login = async () => {
+      await authorize({
+        scope: ...,
+        audience: ...,
+        additionalParameters: {
+          prompt: 'select_account',
+          screen_hint: 'login'
+        }
+      });
+    // continue with login process!
+  }
+
+  const signup = async () => {
+      await authorize({
+        scope: ...,
+        audience: ...,
+        additionalParameters: {
+          prompt: 'select_account',
+          screen_hint: 'signup'
+        }
+      });
+    // continue with signup process!
+  }
+```
+
 ## Feedback
 
 ### Contributing