Introspection endpoint

The introspection endpoint provides a way to validate mainly access tokens (active/inactive) and retrieve their associated claims, such as scopes, subject, expiration time, and client information.

Client credentials must be included in the HTTP Authorization header.

(Authorization: Basic <credentials>).

Note: The metadata must contain the introspection_endpoint key.

Example: http://127.0.0.1:8080/oidc/tenant1/introspection-endpoint

Request parameters

These parameters must be posted as a part of the URL-encoded form values.

Parameter

Description

Mandatory

token

The access token to inspect. Both opaque and jwt is supported.

User info endpoint errors

Error id

Description

invalid_request

The request is NOT valid. This is usually due to missing access token.

invalid_client

The calling RP is not allowed.

PreviousUser info endpoint NextEnd session endpoint

hashtagRequest parameters

hashtagUser info endpoint errors

Request parameters

User info endpoint errors