
Microsoft Recommendations on best practices for validating JWT.

Open Shivam60 opened this issue 2 years ago • 0 comments

What am I trying to do?

  1. I have a FastAPI webapp hosted on Azure App Service. I am trying to secure its endpoints via OAuth2.
  2. I am using AAD Client Credentials flow.

So far I have been able to get tokens, verify and decode them using the steps mentioned here, and secure my endpoints. However, it feels that a lot of the code that I have written as part of JWT verification is basically reinventing the wheel.

  1. Is this the recommended approach/best practice?
  2. Does everyone have to write the code to verify JWT tokens and essentially reinvent the wheel?

Shivam60, Aug 04 '22 11:08