You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Next »

Endpoint (standard)
URL<baseurl>/oauth/introspect
AuthenticationBasic  

Introspect is a standard endpoint used by Resource Servers to determine the particuar Authentication Context for a by-reference Access Token. A Resource Server needs such information to validate incomming tokens before granting access to Proteted Resources it hosts. Note in contrast that  self-contained Access Tokens can be validated by a Resource Server without calling the Introspection endpoint. Each of the particular types of by-reference tokens  supported by the OIDC Provider from BankID have corresponding support in the Introspect endpoint.

Request parameters

Supported standard parameters are marked (tick). Unsupported parameters are marked (error).

ParameterSupportDescriptionComment
token(tick)String value of the token 
token_hint(error)  

Response elements

The response is a JSON structure containing relevant claims for the Access Token in question. Below is an example response for the default bearer token from the OIDC Provider in its current BankID pilot configuration in pre-production:

{
 "active": true,
 "client_id": "Postman",
 "username": "5fa97f18-479f-4a8f-86d5-bfadc5d69cd9",
 "token_type": "Bearer",
 "scope": "openid",
 "iss": "https://preprod.bankidapis.no",
 "iat": 1494664610,
 "exp": 1494668210
}

 

  • No labels