URL | https://<baseurl>/oauth/introspect |
---|---|
Request |
|
Authentication | Basic |
Request parameters | See below |
Response elements | JSON structure according to standard containing relevant attributes for the Access Token in question |
Example | See below |
Introspect is a standard endpoint used by Resource Servers to determine the particuar Authentication Context for a by-reference Access Token. A Resource Server needs such information to validate incomming tokens before granting access to Proteted Resources it hosts. Note in contrast that self-contained Access Tokens can be validated by a Resource Server without calling the Introspection endpoint. Each of the particular types of by-reference tokens supported by the OIDC Provider from BankID have corresponding support in the Introspect endpoint.
Request parameters
Parameter | Support | Description |
---|---|---|
token | String value of the by-reference token | |
token_hint | Not supported |
Example
x
Below is an example response for the default bearer token from the OIDC Provider in its current BankID pilot configuration in pre-production:
{
"active": true,
"client_id": "Postman",
"username": "5fa97f18-479f-4a8f-86d5-bfadc5d69cd9",
"token_type": "Bearer",
"scope": "openid",
"iss": "https://preprod.bankidapis.no",
"iat": 1494664610,
"exp": 1494668210
}