Introspect token details

Client authentication can be provided either:

  1. In the request body using client_id and client_secret parameters, or
  2. Using HTTP Basic authentication with client_id as username and client_secret as password

If both are provided, Basic authentication takes precedence.

Original description: |
Provides information about a token's current state and metadata.
Used by resource servers to validate tokens and get additional information.

Note: This endpoint requires client authentication to prevent token scanning attacks.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Body Params
string
required

The string value of the token to introspect

string
enum

Optional hint about the type of token being introspected

Allowed:
string
required
string
required
Headers
string
enum
Defaults to application/json

Generated from available request content types

Allowed:
Responses

400

Invalid request

401

Invalid client credentials

Language
Credentials
Basic
base64
:
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json