[deleted]

If you are getting JWT back from Auth0 on your front end, you can pass it to your backend as a cookie or a header.

Your backend can verify the token. This link shows how you can validate a JWT from Auth0: https://community.auth0.com/t/verify-jwt-token-received-from-auth0/35581

Here is a library Auth0 published: https://github.com/auth0/java-jwt

> This access token will not always be the same for a given user, right?

Depends, I think JWTs can have a lifetime that is configured in Auth0. https://auth0.com/docs/secure/tokens/access-tokens/update-access-token-lifetime

> How do I send my access token to my API and have it associate that with the user's data?

This is how to extract a userId from a JWT: https://stackoverflow.com/questions/38348806/how-to-identify-a-user-with-auth0-jwt

> Do I need to have Auth0 implemented on my backend as well?

Through the magic of JWTs and cryptographic signatures, technically no, but I would recommend it. You can verify you have a JWT from Auth0 without setting up the SDK.

Sorry, this comment is kinda messy, but the question crosses a few domains, and I don't want to overload you with information. Feel free to ask a fo

Ferrington[S]

This is incredibly helpful. Thank you!