<baseurl>/oauth/introspect
Endpoint (standard) | |
---|---|
URL | <baseurl>/oauth/introspect |
Public | No (OIDC Clients must authenticate) |
Parameters | Yes |
The introspect endpoint is thoroughly described in the OIDC/OAUTH2 standards. It is used by resource servers to validate access_tokens received in the authorize header from a client.
In return the resource server get claims from the access_token including its expiration time. The return is in JSON form with a list of name/value pairs.
Parameters
Name | Description |
---|---|