REST API for OAuth in Oracle Access Manager

Validate Access Token Flow

get

/oauth2/rest/token/info

Request

Supported Media Types

application/json
application/x-www-form-urlencoded

Query Parameters

access_token(required): string

Access Token to be validated
identityDomain: string

Alternate query parameter name for 'x-oauth-identity-domain-name' header parameter. This can be used if header parameter can not be passed in some scenarios.

Header Parameters

x-oauth-identity-domain-name(required): string

Response

Supported Media Types

application/json
application/json,image/png

200 Response

Access Token Details

Root Schema : AccessTokenDetails

Type: object

Show Source

aud: string

Expected Audience
client: string

Client ID
domain: string

Identity Domain
exp: integer

Expires In
iat: integer

Issued At
iss: string

Issuer
jti: string

Identifier
scope: string

Allowed Scopes
sub: string

Subject

{
    "type":"object",
    "properties":{
        "iss":{
            "type":"string",
            "description":"Issuer"
        },
        "aud":{
            "type":"string",
            "description":"Expected Audience"
        },
        "exp":{
            "type":"integer",
            "description":"Expires In"
        },
        "jti":{
            "type":"string",
            "description":"Identifier"
        },
        "iat":{
            "type":"integer",
            "description":"Issued At"
        },
        "sub":{
            "type":"string",
            "description":"Subject"
        },
        "client":{
            "type":"string",
            "description":"Client ID"
        },
        "scope":{
            "type":"string",
            "description":"Allowed Scopes"
        },
        "domain":{
            "type":"string",
            "description":"Identity Domain"
        }
    }
}

400 Response

Bad Request

Root Schema : ErrorCode

Type: object

Show Source

errorCode: string

Error Code Generated
errorDesc: string

Translated Error Description
secErrorDesc: string

Secondary Error Message

{
    "type":"object",
    "properties":{
        "errorCode":{
            "type":"string",
            "description":"Error Code Generated"
        },
        "errorDesc":{
            "type":"string",
            "description":"Translated Error Description"
        },
        "secErrorDesc":{
            "type":"string",
            "description":"Secondary Error Message"
        }
    }
}

Examples

The following cURL command shows a sample request against the server for validating Access Tokens.

cURL Syntax #1

Initiate a GET call with /oauth2/rest/token/info having access_token as Header:

curl -X GET http://<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/info -H  'Authorization: Bearer <ACCESS TOKEN>' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: <OAUTH-DOMAIN>'

cURL Example

Validate at /oauth2/rest/token/info with access_token passed as header:

curl -X GET http://example.com:7778/oauth2/rest/token/info -H  'Authorization: Bearer eyJraWQiOiJvcmFjbGUxMSIsIng1dCI6InZCWVZJNURZejRZX1FZY2p4RFM0UFlqREJ1byIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJhdWQiOlsib3JhY2xlMTFyczEiLCJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJjbGllbnQxMSJdLCJleHAiOjE2ODQyMjk3NzEsImp0aSI6IjVtUmtZTkI5UWtfVWE3UnVwWDdHWGciLCJpYXQiOjE2ODQyMjYxNzEsInN1YiI6InVzZXIxIiwiY2xpZW50IjoiY2xpZW50MTEiLCJzY29wZSI6WyJvcmFjbGUxMXJzMS5JbmZvIiwib3BlbmlkIl0sImRvbWFpbiI6Im9yYWNsZTExIiwiZ3JhbnQiOiJBVVRIT1JJWkFUSU9OX0NPREUiLCJjdXN0b21lQXR0cjEiOiJDdXN0b21WYWx1ZSJ9.TouJrKoVkFQWYZ8WM4R4ydAeeTXtm88ruinCUUdOProPvJ6qI-yY3cPbtAGCB3WfQr3ZfPQX8L30EU_zZuH2TVVscIuGt7ksuBGiZOPpiCI0Ap-4oL8XaAtYRhC1uezrQ7UJ7WsLVjwLVC5WEJKqpn69PmqCrBr0a3qFxWo21ZcTJep_Uwx8oDfevejKdMjJHIDCohjza-MvBWlPdQL_f4jTDojW56tUhCefihOTq_6uLUpEQCkPqQSW3T8nf8z3TNFpFpFSgIq-vwQWeHS09bqC79fKC_xOw71qF5rKWLQtCGgpVKHHtfyu6xfg4WwGPlowoohUSKE5hb4ksST8ZQ' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: oracle11'

cURL Syntax #2

Initiate a GET call with /oauth2/rest/token/info having access_token as Query Parameter:

curl -X GET http://<ManagedServerHost>:<ManagedServerPort>/oauth2/rest/token/info?access_token=<ACCESS TOKEN> -H 'X-OAUTH-IDENTITY-DOMAIN-NAME: <OAUTH-DOMAIN>'

cURL Example

Validate at /oauth2/rest/token/info with access_token passed as query parameter:

curl -i -H 'Authorization:Basic Y2xpZW50MTE6V2VsY29tZTE=' -H 'Content-Type:application/x-www-form-urlencoded;charset=UTF-8' -H 'X-OAUTH-IDENTITY-DOMAIN-NAME:oracle11' --request GET 'http://example.com:7778/oauth2/rest/token/info?access_token=eyJraWQiOiJvcmFjbGUxMSIsIng1dCI6InZCWVZJNURZejRZX1FZY2p4RFM0UFlqREJ1byIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJhdWQiOlsib3JhY2xlMTFyczEiLCJodHRwOi8vZXhhbXBsZS5jb206Nzc3OC9vYXV0aDIiLCJjbGllbnQxMSJdLCJleHAiOjE2ODQyMjk3NzEsImp0aSI6IjVtUmtZTkI5UWtfVWE3UnVwWDdHWGciLCJpYXQiOjE2ODQyMjYxNzEsInN1YiI6InVzZXIxIiwiY2xpZW50IjoiY2xpZW50MTEiLCJzY29wZSI6WyJvcmFjbGUxMXJzMS5JbmZvIiwib3BlbmlkIl0sImRvbWFpbiI6Im9yYWNsZTExIiwiZ3JhbnQiOiJBVVRIT1JJWkFUSU9OX0NPREUiLCJjdXN0b21lQXR0cjEiOiJDdXN0b21WYWx1ZSJ9.TouJrKoVkFQWYZ8WM4R4ydAeeTXtm88ruinCUUdOProPvJ6qI-yY3cPbtAGCB3WfQr3ZfPQX8L30EU_zZuH2TVVscIuGt7ksuBGiZOPpiCI0Ap-4oL8XaAtYRhC1uezrQ7UJ7WsLVjwLVC5WEJKqpn69PmqCrBr0a3qFxWo21ZcTJep_Uwx8oDfevejKdMjJHIDCohjza-MvBWlPdQL_f4jTDojW56tUhCefihOTq_6uLUpEQCkPqQSW3T8nf8z3TNFpFpFSgIq-vwQWeHS09bqC79fKC_xOw71qF5rKWLQtCGgpVKHHtfyu6xfg4WwGPlowoohUSKE5hb4ksST8ZQ