I have a token from Microsoft OAuth 2.0 with PKCE that in is sent to my Django server from a front-end. How can I verify the integrity of this token? I want to allow users to sign in with their Microsoft accounts.
Why do you need to verify the integrity of the token? You could just attempt to log the user in. If it works, the token is good.
I would check the Microsoft Docs: OAuth and Open ID Connect Protocols for help on logging a user in.
Maybe it's possible to attempt to renew the token as a quick and dirty way of testing during development. Microsoft API Docs: Use a token