Token Introspection Endpoint

The Token Introspection endpoint allows your application to retrieve information about an access token or refresh token. You can find the URL of this endpoint through the OAuth Discovery Endpoint.

OAuth Discovery Endpoint

https://<EID Server>/oauth/.well-known/openid-configuration

How to call the Token Introspection Endpoint

1. Initiate a request to the EmpowerID Token Introspection endpoint, https://<EID Server>/oauth/v2/tokeninfo

```
POST /oauth/v2/tokeninfo HTTP/1.1
Host: <EID Server>
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Authorization: Basic base64Encode(<ClientID>:<ClientSecret>)

token=xxxxxxxxxxxxxxxxxx&token_type_hint=refresh_token/access_token
```

| Header Parameter | Required/Optional | Description |
| --- | --- | --- |
| Content-Type | required | Must be application/x-www-form-urlencoded. |
| Authorization | required | Base64-encoded value of the Client ID and Client Secret: `base64Encode(<client_id>:<client_secret>)` |

| Post Body Parameter | Required/Optional | Description |
| --- | --- | --- |
| token | required | Must be the EmpowerID access token or refresh token. |
| token_type_hint=refresh_token OR token_type_hint=access_token | required | If the token is a refresh token, set token_type_hint=refresh_token; otherwise, set token_type_hint=access_token. |

2. The endpoint returns the token information in the response.

```
{
  "active": true,
  "client_id": "xxxxxxxxxxxxxxxxxxxxxxxx",
  "token_type": "Bearer",
  "username": "xxxxxxxxxx",
  "exp": 1555698438,
  "iat": 1555694839,
  "nbf": 1555694839,
  "sub": "xxxxxxxxxxxxx",
  "iss": "xxxxxxxxxxxxx"
}
```
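The two steps above as an added Python example (not EmpowerID's own code): it builds the introspection request with the headers and body parameters from the tables, then decides whether the returned token information may be trusted. The function names, the `eid.example.com` host, the constructed sample response and the fail-closed policy (strict `active`, unexpired `exp`, `nbf` not in the future) are assumptions of this example.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

def build_introspection_request(server, client_id, client_secret, token, hint):
    """Build (without sending) the POST to /oauth/v2/tokeninfo described above."""
    if hint not in ("access_token", "refresh_token"):
        raise ValueError("token_type_hint must be access_token or refresh_token")
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    # urlencode percent-encodes '+', '/' and '=' so the token survives form decoding
    body = urllib.parse.urlencode({"token": token, "token_type_hint": hint})
    return urllib.request.Request(
        f"https://{server}/oauth/v2/tokeninfo",
        data=body.encode(),
        method="POST",
        headers={
            "Content-Type": "application/x-www-form-urlencoded",
            "Cache-Control": "no-cache",
            "Authorization": f"Basic {creds}",
        },
    )

def introspect(request, timeout=10):
    """Send the request and parse the JSON response (needs a reachable server)."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return json.loads(resp.read())

def token_is_usable(info, now=None):
    """Fail closed: accept only an explicit active=true inside its validity window."""
    now = time.time() if now is None else now
    if info.get("active") is not True:          # missing, false or "true" -> reject
        return False
    exp, nbf = info.get("exp"), info.get("nbf")
    if not isinstance(exp, (int, float)) or exp <= now:   # assumption: exp required
        return False
    if isinstance(nbf, (int, float)) and nbf > now:       # not valid yet
        return False
    return True

# Constructed sample, shaped like the response shown above
SAMPLE = {"active": True, "token_type": "Bearer",
          "exp": 1555698438, "iat": 1555694839, "nbf": 1555694839}
```
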

 
