Skip to content
This repository has been archived by the owner on Feb 25, 2019. It is now read-only.

Access Token Verification

Christian Smith edited this page Apr 28, 2014 · 2 revisions

Token Verification Endpoint

GET Verification Request

GET /token/verify?access_token=b6a29c713c1d824aaefe HTTP/1.1
Host: your.authorization.server
Authorization: Bearer eyJ***iJ9.eyJ***zfQ.Tmt***kd3

POST Verification Request

POST /token/verify HTTP/1.1
Host: your.authorization.server
Content-Type: application/x-www-form-urlencoded
Authorization: Bearer eyJ***iJ9.eyJ***zfQ.Tmt***kd3

access_token=b6a29c713c1d824aaefe

Verification Response

HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
  "iss":"YOUR.AUTHORIZATION.SERVER",
  "sub":"USER.IDENTIFIER",
  "aud":"CLIENT.IDENTIFIER",
  "iat":1398699513686,
  "exp":1398703113686,
  "scope":"openid profile"
}