<baseurl>/oauth/introspect
Endpoint (standard) | |
---|---|
URL | <baseurl>/oauth/introspect |
Public | No (OIDC Clients must authenticate) |
Parameters | Yes |
The introspect endpoint is thoroughly described in the OIDC/OAUTH2 standards. It is used by resource servers to validate access_tokens received in the authorize header from a client.
In return the resource server get claims from the access_token including its expiration time. The return is in JSON form with a list of name/value pairs.
{
"active": true,
"client_id": "Postman",
"username": "5fa97f18-479f-4a8f-86d5-bfadc5d69cd9",
"token_type": "Bearer",
"scope": "openid",
"iss": "https://preprod.bankidapis.no",
"iat": 1494664610,
"exp": 1494668210
}
Parameters
Name | Description |
---|---|