Check if access token is valid - Identity Server
Question
I am using Identity Server4 for a proof of concept project.I have implemented the identity server and I can receive an access token when I authenticate successfully.
For authentication I use, the following endpoint:
http://identity-vm-01/connect/token
and the details I post are:
Now, I would like to check if the token that I receive is valid. For that I am using the following endpoint.
http://identity-vm-01/connect/introspect
with a basic auth header using the client_id and client_secret as shown above, and pass token in the body.
But I receive an Unauthorized error. 401 . It will be great if someone could tell me what is that I am doing wrong.
Thank you
1 answers
solution1
2 ACCPTED 2016-11-10 08:05:27
You need to define a scope secret for api1 (on the Scope class) and use the scope name and secret as client_id/secret.
Clients for the introspection endpoint are not really clients in the OAuth 2 sense - they are APIs.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.