Validate Access Token Flow
get
/oauth2/rest/token/info
Request
Supported Media Types
- application/json
- application/x-www-form-urlencoded
Query Parameters
-
access_token(required): string
Access Token to be validated
-
identityDomain: string
Alternate query parameter name for 'x-oauth-identity-domain-name' header parameter. This can be used if header parameter can not be passed in some scenarios.
Header Parameters
Back to Top
Response
Supported Media Types
- application/json
- application/json,image/png
200 Response
Access Token Details
Root Schema : AccessTokenDetails
Type:
Show Source
object
-
aud:
string
Expected Audience
-
client:
string
Client ID
-
domain:
string
Identity Domain
-
exp:
integer
Expires In
-
iat:
integer
Issued At
-
iss:
string
Issuer
-
jti:
string
Identifier
-
scope:
string
Allowed Scopes
-
sub:
string
Subject
400 Response
Bad Request
Root Schema : ErrorCode
Type:
Show Source
object
-
errorCode:
string
Error Code Generated
-
errorDesc:
string
Translated Error Description
-
secErrorDesc:
string
Secondary Error Message
Examples
The following cURL command shows a sample request against the server for validating Access Tokens.
cURL Syntax #1
Initiate a GET call with /oauth2/rest/token/info having access_token as Header:
curl -X GET http://<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/info -H 'Authorization: Bearer <ACCESS TOKEN>' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: <OAUTH-DOMAIN>'
cURL Example
Validate at /oauth2/rest/token/info with access_token passed as header:
curl -X GET http://example.com:7778/oauth2/rest/token/info -H 'Authorization: Bearer eyJraWQiOiJvcmFjbGUxMSIsIng1dCI6InZCWVZJNURZejRZX1FZY2p4RFM0UFlqREJ1byIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJhdWQiOlsib3JhY2xlMTFyczEiLCJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJjbGllbnQxMSJdLCJleHAiOjE2ODQyMjk3NzEsImp0aSI6IjVtUmtZTkI5UWtfVWE3UnVwWDdHWGciLCJpYXQiOjE2ODQyMjYxNzEsInN1YiI6InVzZXIxIiwiY2xpZW50IjoiY2xpZW50MTEiLCJzY29wZSI6WyJvcmFjbGUxMXJzMS5JbmZvIiwib3BlbmlkIl0sImRvbWFpbiI6Im9yYWNsZTExIiwiZ3JhbnQiOiJBVVRIT1JJWkFUSU9OX0NPREUiLCJjdXN0b21lQXR0cjEiOiJDdXN0b21WYWx1ZSJ9.TouJrKoVkFQWYZ8WM4R4ydAeeTXtm88ruinCUUdOProPvJ6qI-yY3cPbtAGCB3WfQr3ZfPQX8L30EU_zZuH2TVVscIuGt7ksuBGiZOPpiCI0Ap-4oL8XaAtYRhC1uezrQ7UJ7WsLVjwLVC5WEJKqpn69PmqCrBr0a3qFxWo21ZcTJep_Uwx8oDfevejKdMjJHIDCohjza-MvBWlPdQL_f4jTDojW56tUhCefihOTq_6uLUpEQCkPqQSW3T8nf8z3TNFpFpFSgIq-vwQWeHS09bqC79fKC_xOw71qF5rKWLQtCGgpVKHHtfyu6xfg4WwGPlowoohUSKE5hb4ksST8ZQ' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: oracle11'
cURL Syntax #2
Initiate a GET call with /oauth2/rest/token/info having access_token as Query Parameter:
curl -X GET http://<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/info?access_token=<ACCESS TOKEN> -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: <OAUTH-DOMAIN>'
cURL Example
Validate at /oauth2/rest/token/info with
access_token passed as query
parameter:
curl -i -H 'Authorization:Basic Y2xpZW50MTE6V2VsY29tZTE=' -H 'Content-Type:application/x-www-form-urlencoded;charset=UTF-8' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME:oracle11' --request GET 'http://example.com:7778/oauth2/rest/token/info?access_token=eyJraWQiOiJvcmFjbGUxMSIsIng1dCI6InZCWVZJNURZejRZX1FZY2p4RFM0UFlqREJ1byIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJhdWQiOlsib3JhY2xlMTFyczEiLCJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJjbGllbnQxMSJdLCJleHAiOjE2ODQyMjk3NzEsImp0aSI6IjVtUmtZTkI5UWtfVWE3UnVwWDdHWGciLCJpYXQiOjE2ODQyMjYxNzEsInN1YiI6InVzZXIxIiwiY2xpZW50IjoiY2xpZW50MTEiLCJzY29wZSI6WyJvcmFjbGUxMXJzMS5JbmZvIiwib3BlbmlkIl0sImRvbWFpbiI6Im9yYWNsZTExIiwiZ3JhbnQiOiJBVVRIT1JJWkFUSU9OX0NPREUiLCJjdXN0b21lQXR0cjEiOiJDdXN0b21WYWx1ZSJ9.TouJrKoVkFQWYZ8WM4R4ydAeeTXtm88ruinCUUdOProPvJ6qI-yY3cPbtAGCB3WfQr3ZfPQX8L30EU_zZuH2TVVscIuGt7ksuBGiZOPpiCI0Ap-4oL8XaAtYRhC1uezrQ7UJ7WsLVjwLVC5WEJKqpn69PmqCrBr0a3qFxWo21ZcTJep_Uwx8oDfevejKdMjJHIDCohjza-MvBWlPdQL_f4jTDojW56tUhCefihOTq_6uLUpEQCkPqQSW3T8nf8z3TNFpFpFSgIq-vwQWeHS09bqC79fKC_xOw71qF5rKWLQtCGgpVKHHtfyu6xfg4WwGPlowoohUSKE5hb4ksST8ZQ