Introspect a token for the AuthorizationServer

POST /oauth/introspect

Validates the submitted token against the single AuthorizationServer configured in this service instance and returns an introspection response per RFC 7662. This endpoint omits the path parameter and is only available when exactly one authstates entry is configured. Active tokens return "active": true with metadata claims; inactive tokens return {"active": false}. When multiple authorization servers are configured, use the /{tokenIntrospectorName} path-parameter form instead.

Request

Header Parameters

authorization string

application/x-www-form-urlencoded

Body

token string

token_type_hint string

Responses

Successful operation

application/json

Schema
Invalid token example
Valid token example

Schema

any

{
  "active": false
}

{
  "active": true,
  "scope": "openid email",
  "client_id": "my-client-id",
  "token_type": "Bearer",
  "exp": 1419356238,
  "sub": "Z5O3upPC88QrAjx00dis",
  "aud": "https://nevis.net/resource",
  "iss": "https://nevis.net/"
}

Introspect a token for the AuthorizationServer

/oauth/introspect

Request​

Header Parameters

Body

Responses​

Request

Responses