Validate the Token

post

/oauth2/v1/introspect

Request

Supported Media Types
Header Parameters
Body ()
Root Schema : schema
Type: object
Show Source
  • Access Token
    Example: eyJ4NXQiOiI4Wk5NMEFfNWFuSTc0dGp3Y3FWcWtMN3Z0Q2ciLCJraWQiOiJwcml2YWVrZXkxIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI1YzA4NDcyMi03Njk3LTQ2NzgtOWVmNC01ZDMxYjg5MjgzYTMiLCJuYmYiOjE0NDA3NTk0MDgsInNjb3BlIjoiQUNNRUNhbmRpZGF0ZVByb2ZpbGVTZXJ2aWNlLnJlc3VtZXNfbW9udGhzIG9mZmxpbmVfYWNjZXNzIiwiaXNzIjoiaWRjcy5vcmFjbGUuY29tIiwiZXhwIjoxNDQwNzYzMDA4LCJpYXQiOjE0NDA3NTk0MDgsInRlbmFudCI6IlRFTkFOVDEiLCJqdGkiOiI0MGU2MjU1ZS1lOGVhLTQ5ZTYtYmVlYy03ZjgwMzdkZDM3YTAifQ.OyDEHQB_RHEaeHjKak7coN1w-wsJjH_1a0ehu8h7pKE7uGJLB6fWWHzCMfLk9eXNb_eUvuNNGB7sx7TlRKHFpw
Back to Top

Response

Supported Media Types

200 Response

Access Token validated
Body ()
Root Schema : introspect
Type: object
Validate the token
Show Source

400 Response

Invalid request
Body ()
Root Schema : error
Type: object
Error message that appears during Device Code and User Code generation
Show Source

401 Response

Invalid client
Body ()
Root Schema : error
Type: object
Error message that appears during Device Code and User Code generation
Show Source
Back to Top

Examples

The following example shows how to validate tokens by submitting a POST request on the REST resource using cURL. For more information about cURL, see Use cURL. See the Authorization section for more information on grant types.

Example Request Using cURL

Note:

The command in this example uses the URL structure https://tenant-base-url/resource-path, where tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See Send Requests for the appropriate URL structure to use.

The following shows an example cURL request to validate an access token.

curl -i
-H 'Authorization: Basic <base64Encoded clientid:secret>'
-H 'Accept: */*'
-H 'Cache-Control: no-cache, no-store, must-revalidate' 
-H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8'
--request POST https://tenant-base-url/oauth2/v1/introspect -d 'token=<token-value>'

Example of Response Body

The following example shows the contents of the response body in JSON format:

{
  "active": true,
  "scope": "get_approles address phone openid profile groups approles email get_groups",
  "client_id": "a5ff6626d76b4fce9c17ae7cbd34a73e",
  "token_type": "JWT",
  "exp": 1495695149,
  "iat": 1495691556,
  "sub": "user@oracle.com",
  "aud": [
    "https://tenant-base-url"
  ],
  "iss": "https://tenant-base-url",
  "jti": "4096b0dd-84fa-4c6b-a20c-9f77b64232cf",
  "tenant": "tenant1",
  "user_tz": "America/Chicago",
  "user_locale": "en",
  "user_displayname": "alice alice",
  "user_tenantname": "tenant1",
  "user.tenant.name": "tenant1",
  "sub_mappingattr": "userName",
  "client_tenantname": "tenant1",
  "user_lang": "en",
  "client_name": "playg"
}

Example Request Using cURL

The following shows an example cURL request to validate an identity token.

curl -i -k
-H 'Authorization: Basic <base64Encoded clientid:secret>'
-H 'Accept: */*'
-H 'Cache-Control: no-cache, no-store, must-revalidate'
-H 'X-RESOURCE-IDENTITY-DOMAIN-NAME: tenant1'
-H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8'
--request POST 'https://tenant-base-url/oauth2/v1/introspect' -d 'token=<token value>'

Example of Response Body

The following example shows the contents of the response body in JSON format:

{
  "active": true,
  "token_type": "JWT",
  "exp": 1506390061,
  "iat": 1506362597,
  "sub": "admin@example.com",
  "aud": [
    "7660e835e37c41799bde537bd8529275",
    "https://identity.oraclecloud.com/"
  ],
  "iss": "https://identity.oraclecloud.com/",
  "jti": "d3b84f55-e4d6-4641-b4b5-49a872c9cf1e",
  "tenant": "tenant1",
  "user_tz": "America/Chicago",
  "user_locale": "en",
  "user_displayname": "admin opc",
  "user_tenantname": "tenant1",
  "sub_mappingattr": "userName",
  "user_lang": "en"
}
Back to Top