| Endpoint | |
|---|---|
| URL | <baseurl>/oauth/introspect |
| Request |
|
| Authentication | Basic |
Introspect is a standard endpoint used by Resource Servers to determine the particuar Authentication Context for a by-reference Access Token. A Resource Server needs such information to validate incomming tokens before granting access to Proteted Resources it hosts. Note in contrast that self-contained Access Tokens can be validated by a Resource Server without calling the Introspection endpoint. Each of the particular types of by-reference tokens supported by the OIDC Provider from BankID have corresponding support in the Introspect endpoint.
Request parameters
| Parameter | Support | Description |
|---|---|---|
token |  | String value of the by-reference token |
| token_hint |  | Not supported |
Response elements
The response is a JSON structure containing relevant claims for the Access Token in question. Below is an example response for the default bearer token from the OIDC Provider in its current BankID pilot configuration in pre-production:
{
"active": true,
"client_id": "Postman",
"username": "5fa97f18-479f-4a8f-86d5-bfadc5d69cd9",
"token_type": "Bearer",
"scope": "openid",
"iss": "https://preprod.bankidapis.no",
"iat": 1494664610,
"exp": 1494668210
}