URL | https://<baseurl>/oauth/introspect |
---|
Request | POST with parameters as application/x-www-form-urlencoded data
|
---|
Authentication | Basic |
---|
Request parameters | See below |
---|
Response elements | JSON structure according to standard containing relevant attributes for the Access Token in questionSee below |
---|
Example | See below |
---|
Introspect is a standard endpoint used by Resource Servers to determine the particuar Authentication Context for a by-reference Access Token. A Resource Server needs such information to validate incomming tokens before granting access to Proteted Resources it hosts. Note in contrast that self-contained Access Tokens can be validated by a Resource Server without calling the Introspection endpoint. Each of the particular types of by-reference tokens supported by the OIDC Provider from BankID have corresponding support in the Introspect endpoint.
...
Parameter | Support | Description |
---|
token | | String value of the by-reference token |
token_hint | | Not supported |
Response parametersJSON structure containing relevant attributes for the Access Token in question. The following attributes are supported
= According to standard. = Feature restriction. = Custom additions
Example
...