Introspect is a standard endpoint used by Resource Servers to determine the particuar Authentication Context for a by-reference Access Token. A Resource Server needs such information to validate incomming tokens before granting access to Proteted Resources it hosts. Note in contrast that  self-contained Access Tokens can be validated by a Resource Server without calling the Introspection endpoint. Each of the particular types of by-reference tokens  supported by the OIDC Provider from BankID have corresponding support in the Introspect endpoint.

...

Parameter	Support	Description
token		String value of the by-reference token
token_hint		Not supported

Anchor
response response

Response parameters

JSON structure containing relevant attributes for the Access Token in question. The following attributes are supported

 = According to standard.  = Feature restriction.  = Custom additions

Parameter	Support	Description
active		Indicator of whether or not the presented token is currently active
scope		Scopes associated with the access token in question
client_id		according to standard
username	???	TBD
token_type		Type of token
exp		according to standard
iat		according to standard
nbf
sub		according to standard
aud
iss		according to standard
jti
nnin_altsub		TBC

Anchor
example example

Example

...