Based on my understanding you're talking about JWT Authorization app. If that's not the case please let me know as a comment to this answer.
The JWT Authorization app should be used in combination with one of the SSO apps such as JWT SSO, OAuth2 SSO, or SAML SSO.
When a user is authenticated using any of the SSO apps, if the user does not exist on Tribe we create the user and assign your user provider's userId as externalId while creating the user in Tribe. So, in Tribe's user object, the externalId refers to the user ID in the authentication provider of your product. If the user already exists based on the externalId, we will update their profile using the new information and log them in.
While using the JWT Authorization, Tribe platform decrypts the authorization access token in the header and verify it based on the information provided in the app and extract `sub` key. Then Tribe will find a user in your community with externalId of extracted `sub`. If user exists, we'll perform the API action on their behalf. If they don't exist, we'll throw an error.
You can simply check if a user exists with your external ID in tribe by sending a GET request to the following API endpoint:
Please change the based url to the url of your own community and replace [Your User ID] with the user ID in your product.
Please let me know if this did not answer your question in a comment to this answer.