Introspection endpoint
Validates access tokens.
Client credentials must be included in the HTTP Authorization header.
(Authorization: Basic <credentials>).
Note: The metadata must contain the introspection_endpoint key.
Request parameters
These parameters must be posted as a part of the URL-encoded form values.
Parameter
Description
Mandatory
token
The access token to inspect.
User info endpoint errors
Error id
Description
invalid_request
The request is NOT valid. This is usually due to missing access token.
invalid_client
The calling RP is not allowed.