This standard endpoint is used by Resource Servers to determine the particuar Authentication Context for a by-reference Access Token. A Resource Server needs such information to validate incomming tokens before granting access to Proteted Resources it hosts. Note in contrast that self-contained Access Tokens can be validated by a Resource Server without calling the Introspection endpoint. Each of the particular types of by-reference tokens supported by the OIDC Provider from BankID have corresponding support in the Introspect endpoint.
Request parameters
Standard parameters marked 
are supported. Unsupported parameters are marked 
.
| Parameter | Support | Description | ||
|---|---|---|---|---|
token | | String value of the token | ||
| token_hint | |
Response elements
The response is a JSON structure with relevant claims for the Access Token in question. Below is an example response for the default bearer token from the OIDC Provider in its current BankID pilot configuration in pre-production:
{
"active": true,
"client_id": "Postman",
"username": "5fa97f18-479f-4a8f-86d5-bfadc5d69cd9",
"token_type": "Bearer",
"scope": "openid",
"iss": "https://preprod.bankidapis.no",
"iat": 1494664610,
"exp": 1494668210
}