Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 41


POST with parameters as application/x-www-form-urlencoded data

Request parametersSee below
Response elementsSee below
ExampleSee below

Introspect is a standard endpoint used by Resource Servers to determine the particuar Authentication Context for a by-reference Access Token. A Resource Server needs such information to validate incomming tokens before granting access to Proteted Resources it hosts. Note in contrast that  self-contained Access Tokens can be validated by a Resource Server without calling the Introspection endpoint. Each of the particular types of by-reference tokens  supported by the OIDC Provider from BankID have corresponding support in the Introspect endpoint.

Request parameters

(tick) = According to standard. (error) = Feature restriction. 

token(tick)String value of the by-reference token
token_hint(error)Not supported

Response parameters

JSON structure containing relevant attributes for the Access Token in question. The following attributes are supported

(tick) = According to standard. (error) = Feature restriction. (warning) = In progress / future support. (info) = Custom additions


The following example shows a request / response pair for the Introspect endpoint at the BankID pilot in pre-production. The example is generated from Postman (which is configured as a client at the OIDC Provider). The value for the access token in the request (token=4497db915b5b479191c81a7854a2fa8) is taken from the corresponding example for the Token endpoint. 

Request / Response
POST /oidc/oauth/introspect HTTP/1.1
cache-control: no-cache
Postman-Token: e439063e-a9e5-4474-a81d-912f25b8ff8a
Content-Type: application/x-www-form-urlencoded
Authorization: Basic UG9zdG1hbjoxMjM0
User-Agent: PostmanRuntime/3.0.11-hotfix.2
Accept: */*
Content-Length: 37
Connection: close

HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Thu, 25 May 2017 11:20:30 GMT
Connection: close
Content-Length: 198

    "active": true,
    "client_id": "Postman",
    "exp": 1495714336,
    "iat": 1495710736,
    "iss": "",
    "scope": "openid",
    "token_type": "Bearer",
    "username": "2b29ac70-800b-4eb5-bf3d-f0bd61a9e520"

  • No labels