Protocol API Reference

Token

Token management endpoints

The token model

The token model contains all the information about token.

Properties

  • Name
    client_id
    Type
    string,null
    Description

    No description provided.

  • Name
    client_secret
    Type
    string,null
    Description

    No description provided.

  • Name
    code
    Type
    string,null
    Description

    No description provided.

  • Name
    code_verifier
    Type
    string,null
    Description

    No description provided.

  • Name
    grant_type
    Type
    string
    Description

    No description provided.

  • Name
    redirect_uri
    Type
    string,null
    Description

    No description provided.

  • Name
    refresh_token
    Type
    string,null
    Description

    No description provided.

  • Name
    scope
    Type
    string,null
    Description

    No description provided.

POST/introspect

Token Introspection Endpoint

Validates and returns information about an OAuth 2.0 token. This endpoint allows resource servers to check the validity and metadata of access tokens and refresh tokens.

Required attributes

  • Name
    token
    Type
    string
    Description

    No description provided.

  • Name
    token_type_hint
    Type
    string,null
    Description

    No description provided.

Request

POST
/introspect
curl https://api.example.com/introspect \
  -H "Authorization: Bearer {token}" \
  -d '{"example": "value"}'

Response

{
  "id": "123456",
  "name": "Example",
  "created_at": 1591478057
}
POST/revoke

Token Revocation Endpoint

Revokes an access token or refresh token. This endpoint allows clients to invalidate tokens they no longer need.

Required attributes

  • Name
    token
    Type
    string
    Description

    No description provided.

  • Name
    token_type_hint
    Type
    string,null
    Description

    No description provided.

Request

POST
/revoke
curl https://api.example.com/revoke \
  -H "Authorization: Bearer {token}" \
  -d '{"example": "value"}'
POST/token

Token Endpoint

Issues access tokens, refresh tokens, and ID tokens. This endpoint supports multiple OAuth 2.0 grant types including authorization code, refresh token, and client credentials.

Required attributes

  • Name
    client_id
    Type
    string,null
    Description

    No description provided.

  • Name
    client_secret
    Type
    string,null
    Description

    No description provided.

  • Name
    code
    Type
    string,null
    Description

    No description provided.

  • Name
    code_verifier
    Type
    string,null
    Description

    No description provided.

  • Name
    grant_type
    Type
    string
    Description

    No description provided.

  • Name
    redirect_uri
    Type
    string,null
    Description

    No description provided.

  • Name
    refresh_token
    Type
    string,null
    Description

    No description provided.

  • Name
    scope
    Type
    string,null
    Description

    No description provided.

Request

POST
/token
curl https://api.example.com/token \
  -H "Authorization: Bearer {token}" \
  -d '{"example": "value"}'

Response

{
  "id": "123456",
  "name": "Example",
  "created_at": 1591478057
}

Was this page helpful?