Jump to

• Request
• Response
• Examples

Validate Access Token Flow

get

/oauth2/rest/token/info

Request

Supported Media Types

• application/json
• application/x-www-form-urlencoded

Query Parameters

• access_token(required): string
  Access Token to be validated
• identityDomain: string
  Alternate query parameter name for 'x-oauth-identity-domain-name' header parameter. This can be used if header parameter can not be passed in some scenarios.

Header Parameters

• x-oauth-identity-domain-name(required): string

Back to Top

Response

Supported Media Types

• application/json
• application/json,image/png

200 Response

Access Token Details

Body ()

Root Schema : AccessTokenDetails

Type: object

Show Source

• aud: string
  Expected Audience
• client: string
  Client ID
• domain: string
  Identity Domain
• exp: integer
  Expires In
• iat: integer
  Issued At
• iss: string
  Issuer
• jti: string
  Identifier
• scope: string
  Allowed Scopes
• sub: string
  Subject

{
    "type":"object",
    "properties":{
        "iss":{
            "type":"string",
            "description":"Issuer"
        },
        "aud":{
            "type":"string",
            "description":"Expected Audience"
        },
        "exp":{
            "type":"integer",
            "description":"Expires In"
        },
        "jti":{
            "type":"string",
            "description":"Identifier"
        },
        "iat":{
            "type":"integer",
            "description":"Issued At"
        },
        "sub":{
            "type":"string",
            "description":"Subject"
        },
        "client":{
            "type":"string",
            "description":"Client ID"
        },
        "scope":{
            "type":"string",
            "description":"Allowed Scopes"
        },
        "domain":{
            "type":"string",
            "description":"Identity Domain"
        }
    }
}

400 Response

Bad Request

Body ()

Root Schema : ErrorCode

Type: object

Show Source

• errorCode: string
  Error Code Generated
• errorDesc: string
  Translated Error Description
• secErrorDesc: string
  Secondary Error Message

{
    "type":"object",
    "properties":{
        "errorCode":{
            "type":"string",
            "description":"Error Code Generated"
        },
        "errorDesc":{
            "type":"string",
            "description":"Translated Error Description"
        },
        "secErrorDesc":{
            "type":"string",
            "description":"Secondary Error Message"
        }
    }
}

Back to Top

Examples

The following cURL command shows a sample request against the server for validating Access Tokens.

cURL Syntax #1

Initiate a GET call with /oauth2/rest/token/info having access_token as Header:

curl -X GET http://<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/info -H  'Authorization: Bearer <ACCESS TOKEN>' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: <OAUTH-DOMAIN>'

cURL Example

Validate at /oauth2/rest/token/info with access_token passed as header:

curl -X GET http://example.com:7778/oauth2/rest/token/info -H  'Authorization: Bearer eyJraWQiOiJvcmFjbGUxMSIsIng1dCI6InZCWVZJNURZejRZX1FZY2p4RFM0UFlqREJ1byIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJhdWQiOlsib3JhY2xlMTFyczEiLCJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJjbGllbnQxMSJdLCJleHAiOjE2ODQyMjk3NzEsImp0aSI6IjVtUmtZTkI5UWtfVWE3UnVwWDdHWGciLCJpYXQiOjE2ODQyMjYxNzEsInN1YiI6InVzZXIxIiwiY2xpZW50IjoiY2xpZW50MTEiLCJzY29wZSI6WyJvcmFjbGUxMXJzMS5JbmZvIiwib3BlbmlkIl0sImRvbWFpbiI6Im9yYWNsZTExIiwiZ3JhbnQiOiJBVVRIT1JJWkFUSU9OX0NPREUiLCJjdXN0b21lQXR0cjEiOiJDdXN0b21WYWx1ZSJ9.TouJrKoVkFQWYZ8WM4R4ydAeeTXtm88ruinCUUdOProPvJ6qI-yY3cPbtAGCB3WfQr3ZfPQX8L30EU_zZuH2TVVscIuGt7ksuBGiZOPpiCI0Ap-4oL8XaAtYRhC1uezrQ7UJ7WsLVjwLVC5WEJKqpn69PmqCrBr0a3qFxWo21ZcTJep_Uwx8oDfevejKdMjJHIDCohjza-MvBWlPdQL_f4jTDojW56tUhCefihOTq_6uLUpEQCkPqQSW3T8nf8z3TNFpFpFSgIq-vwQWeHS09bqC79fKC_xOw71qF5rKWLQtCGgpVKHHtfyu6xfg4WwGPlowoohUSKE5hb4ksST8ZQ' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: oracle11'

cURL Syntax #2

Initiate a GET call with /oauth2/rest/token/info having access_token as Query Parameter:

curl -X GET http://<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/info?access_token=<ACCESS TOKEN> -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: <OAUTH-DOMAIN>'

cURL Example

Validate at /oauth2/rest/token/info with access_token passed as query parameter:

curl -i -H 'Authorization:Basic Y2xpZW50MTE6V2VsY29tZTE=' -H 'Content-Type:application/x-www-form-urlencoded;charset=UTF-8' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME:oracle11' --request GET 'http://example.com:7778/oauth2/rest/token/info?access_token=eyJraWQiOiJvcmFjbGUxMSIsIng1dCI6InZCWVZJNURZejRZX1FZY2p4RFM0UFlqREJ1byIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJhdWQiOlsib3JhY2xlMTFyczEiLCJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJjbGllbnQxMSJdLCJleHAiOjE2ODQyMjk3NzEsImp0aSI6IjVtUmtZTkI5UWtfVWE3UnVwWDdHWGciLCJpYXQiOjE2ODQyMjYxNzEsInN1YiI6InVzZXIxIiwiY2xpZW50IjoiY2xpZW50MTEiLCJzY29wZSI6WyJvcmFjbGUxMXJzMS5JbmZvIiwib3BlbmlkIl0sImRvbWFpbiI6Im9yYWNsZTExIiwiZ3JhbnQiOiJBVVRIT1JJWkFUSU9OX0NPREUiLCJjdXN0b21lQXR0cjEiOiJDdXN0b21WYWx1ZSJ9.TouJrKoVkFQWYZ8WM4R4ydAeeTXtm88ruinCUUdOProPvJ6qI-yY3cPbtAGCB3WfQr3ZfPQX8L30EU_zZuH2TVVscIuGt7ksuBGiZOPpiCI0Ap-4oL8XaAtYRhC1uezrQ7UJ7WsLVjwLVC5WEJKqpn69PmqCrBr0a3qFxWo21ZcTJep_Uwx8oDfevejKdMjJHIDCohjza-MvBWlPdQL_f4jTDojW56tUhCefihOTq_6uLUpEQCkPqQSW3T8nf8z3TNFpFpFSgIq-vwQWeHS09bqC79fKC_xOw71qF5rKWLQtCGgpVKHHtfyu6xfg4WwGPlowoohUSKE5hb4ksST8ZQ

Back to Top