Get Token Introspection Details Using POST

Get Token Introspection Details Using POST

The call is protected by HTTP Basic authentication with client_id and client_secret. Note: when using Public OAuth clients, Authorization is required using the format 'Basic Base64_Encode(client_id:)' with empty client_secret. This endpoint follows the token introspection specifications defined in https://tools.ietf.org/html/rfc7662. Only introspection of refresh tokens is supported. Include the parameter using application/x-www-form-urlencoded format in the HTTP request body.

Access Policy

Role User Accounts Service Accounts (Client Credentials Applications)
Anonymous ✔️ ✔️
Request
URI
POST
https://{api_host}/csp/gateway/am/api/auth/introspect
COPY
Header Parameters
string
authorization
Required

Basic auth with client credentials [Basic Base64_Encode(client_id:client_secret)] Note: when using Public OAuth clients, Authorization is required using the format 'Basic Base64_Encode(client_id:)' with empty client_secret.

Request Body

The application/x-www-form-urlencoded form data type.

GetTokenIntrospectionDetails of mimetype application/x-www-form-urlencoded
Optional
string
token
Required

The token to be introspected.

Authentication
This operation uses the following authentication methods.
Responses
200

JSON object representing the refresh token's information. The 'active' top-level member will indicate whether or not the presented token is currently active. If active, additional members will be present in the response.

Returns TokenIntrospectionResponse of type(s) application/json 
{
    "active": false,
    "exp": 0,
    "iat": 0,
    "orgId": "string",
    "sub": "string",
    "token_type": "string"
}
boolean
active
Optional

Indicator of whether or not the presented token is currently active.

integer As int64 As int64
exp
Optional

The timestamp the token expires at (measured in number of seconds since 1/1/1970 UTC).

integer As int64 As int64
iat
Optional

The timestamp the token was created at (measured in number of seconds since 1/1/1970 UTC).

string
orgId
Optional

Unique identifier (GUID) of the organization.

string
sub
Optional

The unique identifier of the user, on behalf of which the token was issued.

string
token_type
Optional

The type of the token.


400

Authorization header must be specified | Invalid authorization header. Missing "Basic" prefix | Invalid authorization header | Bad Request - Client ID in path doesn't match the Client ID in the Basic Authorization Header.

Returns CspErrorResponse of type(s) application/json 
{
    "cspErrorCode": "string",
    "errorCode": "string",
    "message": "string",
    "moduleCode": 0,
    "requestId": "string",
    "statusCode": 0
}
string
cspErrorCode
Optional

cspErrorCode

string
errorCode
Optional

errorCode

string
message
Optional

message

integer As int32 As int32
moduleCode
Optional

moduleCode

string
requestId
Optional

requestId

integer As int32 As int32
statusCode
Optional

statusCode


404

The requested resource could not be found

Returns CspErrorResponse of type(s) application/json 
{
    "cspErrorCode": "string",
    "errorCode": "string",
    "message": "string",
    "moduleCode": 0,
    "requestId": "string",
    "statusCode": 0
}
string
cspErrorCode
Optional

cspErrorCode

string
errorCode
Optional

errorCode

string
message
Optional

message

integer As int32 As int32
moduleCode
Optional

moduleCode

string
requestId
Optional

requestId

integer As int32 As int32
statusCode
Optional

statusCode


409

The request could not be processed due to a conflict

Returns CspErrorResponse of type(s) application/json 
{
    "cspErrorCode": "string",
    "errorCode": "string",
    "message": "string",
    "moduleCode": 0,
    "requestId": "string",
    "statusCode": 0
}
string
cspErrorCode
Optional

cspErrorCode

string
errorCode
Optional

errorCode

string
message
Optional

message

integer As int32 As int32
moduleCode
Optional

moduleCode

string
requestId
Optional

requestId

integer As int32 As int32
statusCode
Optional

statusCode


429

The user has sent too many requests

Returns CspErrorResponse of type(s) application/json 
{
    "cspErrorCode": "string",
    "errorCode": "string",
    "message": "string",
    "moduleCode": 0,
    "requestId": "string",
    "statusCode": 0
}
string
cspErrorCode
Optional

cspErrorCode

string
errorCode
Optional

errorCode

string
message
Optional

message

integer As int32 As int32
moduleCode
Optional

moduleCode

string
requestId
Optional

requestId

integer As int32 As int32
statusCode
Optional

statusCode


500

An unexpected error has occurred while processing the request

Returns CspErrorResponse of type(s) application/json 
{
    "cspErrorCode": "string",
    "errorCode": "string",
    "message": "string",
    "moduleCode": 0,
    "requestId": "string",
    "statusCode": 0
}
string
cspErrorCode
Optional

cspErrorCode

string
errorCode
Optional

errorCode

string
message
Optional

message

integer As int32 As int32
moduleCode
Optional

moduleCode

string
requestId
Optional

requestId

integer As int32 As int32
statusCode
Optional

statusCode


On This Page
Authentication Operations
POST
Get Access Token By Api Refresh Token Using POST
POST
Get Api Token Details Using POST
POST
Get Identity Provider Logout Url Using POST
POST
Get Identity Provider Logout Url V2 Using POST
GET
Get Json Web Keys Using GET
GET
Get Public Key Using GET
POST
Get Token For Authorization Grant Type Using POST
POST
Get Token Introspection Details Using POST
POST
Revoke Token Using POST