Skip to content

Token Introspect Endpoint

The token introspect endpoint is an option for clients to get long expiring refresh tokens in JWT format validated. It is currently effective only for IAS applications.

Request

URl: https://<mobile services host>/oauth2/api/v1/introspect

HTTP Method: POST

Request Headers

Header Required Values
Content-Type Yes application/x-www-form-urlencoded
Authorization Yes Bearer (access_token)

Request Parameters

Parameter Required Description Parameter Type
token Yes Must contain the JWT or opaque token from the issuer. Request body

Request Example

token=669c69acf4ef041df936812960a6a9a1

Response

Response Example

If token is valid:

Content-Type: application/json

{

   "sub": "66d91333-fc2c-4258-9735-1c6b08a1e7be",

   "app_tid": "3f87c162-fc6b-431b-8841-b35101dc53e7",

   "iss": https://mobilezonetest1.accounts400.ondemand.com,

   "active": true,

   "groups": "SAPMS_Administrator",

   "given_name": "testadmin",

   "client_id": "4d41f1f0-ee30-4902-868c-702966b5f358",

   "aud":    [

      "4d41f1f0-ee30-4902-868c-702966b5f358",

      "d58993dd-b0f6-4a2d-b2ef-e6c020b5534c"

   ],

   "scim_id": "66d91333-fc2c-4258-9735-1c6b08a1e7be",

   "uid": "P000017",

   "user_uuid": "66d91333-fc2c-4258-9735-1c6b08a1e7be",

   "client_agent": "axios/1.7.4",

   "grant_type": "AUTHORIZATION_CODE",

   "azp": "4d41f1f0-ee30-4902-868c-702966b5f358",

   "scope": "openid offline_access",

   "zone_uuid": "3f87c162-fc6b-431b-8841-b35101dc53e7",

   "client_ip": "3.65.229.137",

   "exp": 1727408789,

   "iat": 1727405189,

   "family_name": "ms",

   "jti": "aa26e921-3e01-408e-8fb1-a61498ee8685",

   "email": testadmin.ms@trash-mail.com,

   "client_auth_method": "client_secret_basic",

   "username": "P000017"

}

If token is not valid:

Content-Type: application/json

{
 "active": false
}

Response Status and Error Codes

Header Required
200 OK Successful operation.
401 Unauthorized The client is not authenticated.
500 Internal Server Error.

For more information, you can refer to the Call Identity Authentication Introspect Token Endpoint.


Last update: November 26, 2024