TokenInfo Endpoint is used for validating refresh token and access tokens issued in OAuth 2.0 Authorization flows. Clients can send the access token via Authorization Header. This endpoint returns a JSON response stating whether the token is valid.
Endpoint URL: https://<Identity Server URL: Port Number>/nidp/oauth/nam/tokeninfo
Request method: GET and POST
NOTE:This endpoint is deprecated. It is recommended to use the Token Introspect endpoint, /introspect. For information about /introspect, see Section 4.6, Token Introspect Endpoint.
The request should contain the token in the Authorization header as follows:
Authorization: Bearer access_token
The response to the TokenInfo endpoint will contain the following values in JSON format:
|
Parameter |
Required |
Description |
|---|---|---|
|
expires_in |
Yes |
number of seconds the token is valid from now |
|
user_id |
Yes |
user to whom the token was issued to |
|
scope |
Yes |
list of scope values the token holds |