Jump to

• Request
• Response
• Examples

Introspect OAuth tokens

post

/oauth2/rest/token/introspect

Request

Supported Media Types

• application/x-www-form-urlencoded

Query Parameters

• identityDomain(required): string
  This is an alternate to 'X-OAUTH-IDENTITY-DOMAIN-NAME' header parameter. If this is provided 'X-OAUTH-IDENTITY-DOMAIN-NAME' is not required. 'X-OAUTH-IDENTITY-DOMAIN-NAME' will take precedance over 'identityDomain' query parameter.

Header Parameters

• X-OAUTH-IDENTITY-DOMAIN-NAME(required): string
  Identity Domain Name.

Form Parameters

• token(required): string
  Token to be introspected

Back to Top

Response

Supported Media Types

• application/json

200 Response

sucess

Body ()

Root Schema : TokenIntrospectionResponse

Type: object

Show Source

• active: boolean
  token is active or not
• aud: array aud
  Audiance
• client: string
  Client to which token is issued.
• domain: string
  Identity domain name
• exp: string
  Expiry Time
• groups: string
  User groups
• identityDomain: string
  Alternate to identity domain name
• iss: string
  Issuer
• jti: string
  jti value
• scope: array scope
  List of scopes
• sessionId: string
  User session id
• sub: string
  Subject of the token

{
    "type":"object",
    "properties":{
        "iss":{
            "type":"string",
            "description":"Issuer"
        },
        "aud":{
            "type":"array",
            "description":"Audiance",
            "items":{
                "type":"string"
            }
        },
        "exp":{
            "type":"string",
            "description":"Expiry Time"
        },
        "jti":{
            "type":"string",
            "description":"jti value"
        },
        "sub":{
            "type":"string",
            "description":"Subject of the token"
        },
        "client":{
            "type":"string",
            "description":"Client to which token is issued."
        },
        "scope":{
            "type":"array",
            "description":"List of scopes",
            "items":{
                "type":"string"
            }
        },
        "domain":{
            "type":"string",
            "description":"Identity domain name"
        },
        "identityDomain":{
            "type":"string",
            "description":"Alternate to identity domain name"
        },
        "groups":{
            "type":"string",
            "description":"User groups"
        },
        "sessionId":{
            "type":"string",
            "description":"User session id"
        },
        "active":{
            "type":"boolean",
            "description":"token is active or not"
        }
    }
}

Nested Schema : aud

Type: array

Audiance

Show Source

• Array of: string

{
    "type":"array",
    "description":"Audiance",
    "items":{
        "type":"string"
    }
}

Nested Schema : scope

Type: array

List of scopes

Show Source

• Array of: string

{
    "type":"array",
    "description":"List of scopes",
    "items":{
        "type":"string"
    }
}

404 Response

Not Found

422 Response

failed to validate token

Back to Top

Examples

cURL Sample Request

curl --location --request POST 'https://<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/introspect' \
--header 'X-OAUTH-IDENTITY-DOMAIN-NAME: DomainDocMTLS1' \
--data-urlencode 'token=eyJraWQiOiJDQUJEb21haW5Eb2NNVExTMS1wczI1NiIsIng1dCI6IlNlNWFKbzdFN29BSkRNS2hQaVZLbV80UkR1dyIsImFsZyI6IlBTMjU2In0.
eyJpc3MiOiJodHRwOi8vaWRtcGUwMDI1Lm5ldHdvcmtzcGVvc3Vibi5pZG1vY2ljbG91MDJwaHgub3JhY2xldmNuLmNvbTo3Nzc3IiwiYXVkIjpbIkNBQlJlc291cmNlMSIsIkNB
QkNsaWVudERvY01UTFMxIiwiaHR0cDovL2lkbXBlMDAyNS5uZXR3b3Jrc3Blb3N1Ym4uaWRtb2NpY2xvdTAycGh4Lm9yYWNsZXZjbi5jb206Nzc3NyIsInVzZXIiXSwiZXhwIjox
NjI5ODY3OTQ1LCJqdGkiOiJCR2N4eTZmMjh5VU5yeTA4cEhvSUVBIiwiaWF0IjoxNjI5ODY0MzQ1LCJzdWIiOiJ3ZWJsb2dpYyIsImNsaWVudCI6IkNBQkNsaWVudERvY01UTFMx
Iiwic2NvcGUiOlsiQ0FCUmVzb3VyY2UxLnZpZXdDQUJSZXMiLCJvcGVuaWQiXSwiZG9tYWluIjoiQ0FCRG9tYWluRG9jTVRMUzEiLCJncmFudCI6IkFVVEhPUklaQVRJT05fQ09E
RSIsInNlc3Npb25JZCI6ImNjODRiMDBhLWE5ZGUtNDU0NC1iYzJhLTA0ODEwNDBmMTFmZXwya2kvYlp0R2JGMk9xVzloQ0ZCR3BaZHIyQ042Wk5ySVhrMzBTVEVFdTdZPSIsInN0
YXRpY0F0dHIiOiJDdXN0b21WYWx1ZSIsIm5vbmNlIjoiJTIyJTIyIiwicmVzU3J2QXR0ciI6IlJFU09VUkNFQ09OU1QiLCJjbmYiOnsieDV0I1MyNTYiOiJ5eGFfcGFjYWZrbHR
fNW1xampjX3NodGI5cWhidmR4MHB6Z2h0M2E1bnhjIn19.RiVsbjBowHb23gEyG2emr7dryz3Qi6mFjU5uomL6PHydOOdpEin1nOQub2CJ6LC00--PXNTWURc9DPgdieL4DRyarO
vsXphI_U60vWwGbuD_l3gTAD5zS7eKXvkkWLey21U12o0Q_sAdbYsVeoA4Z9GUYy9jWoZjIJ1o70ffD8YvIwIhSDhBYwaak_D64_NZJM1E3GqxwTJtMR8g7wLg7YZupPwA1Mb-r4
Lc2NzPtiCkfMdfW3JG9FGNx1YY-OZomkWhqLI5osV1sV3zFdgmHbMfWEdvtd2XWFyjCVSy8InGiXNtZO9NGJF0Y58GU4d_iCChiI-WgIXaso_42MfRwQ'

cURL Sample Response

{
    "iss": "https://<ManagedServerHost>:<ManagedServerPort>",
    "aud": [
        "Resource1",
        "ClientDocMTLS1",
        "https://<ManagedServerHost>:<ManagedServerPort>",
        "user"
    ],
    "exp": 1629867945,
    "jti": "BGcxy6f28yUNry08pHoIEA",
    "iat": 1629864345,
    "sub": "weblogic",
    "client": "ClientDocMTLS1",
    "scope": [
        "Resource1.viewRes",
        "openid"
    ],
    "domain": "DomainDocMTLS1",
    "grant": "AUTHORIZATION_CODE",
    "sessionId": "cc84b00a-a9de-4544-bc2a-0481040f11fe|2ki/bZtGbF2OqW9hCFBGpZdr2CN6ZNrIXk30STEEu7Y=",
    "staticAttr": "CustomValue",
    "nonce": "%22%22",
    "resSrvAttr": "RESOURCECONST",
    "cnf": {
        "x5t#S256": "yxa_pacafklt_5mqjjc_shtb9qhbvdx0pzght3a5nxc"
    },
    "rem_exp": 3511,
    "active": true
}

Back to Top