  1. PUBLIC - OAuth2
  2. OAUTH2-28

REQ015 [RFC 7662] OAuth 2.0 Token Introspection

    Details

    • Type: Story
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.0-portal_7.1.0
    • Fix Version/s: 1.0-portal_7.1.0
    • Component/s: None
    • Labels:
      None

      Description

      RFC 7662 is an optional specification that allows authorized protected resources to query the authorization server to determine the set of metadata for a given token.

       

      Usually the access token is opaque and carries no information itself.

      The metadata, returned in JSON format, includes:

      • OAuth2 information
      • as well as JWT claims:
        • exp - OPTIONAL - when this token will expire
        • iat - OPTIONAL - when this token was originally issued
        • nbf - OPTIONAL - the token is not to be used before this time
        • sub - OPTIONAL - id of user that authorized the token
        • aud - OPTIONAL - the intended audience for this token
        • iss - OPTIONAL - the issuer of this token
        • jti - OPTIONAL - string identifier for the token
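
A protected resource still has to act on these fields once the introspection response arrives. The check below is an added example, not part of the original issue or the project's code; the function name, its `issuer`, `audience`, `required` and `leeway` parameters and the sample responses are assumptions. It relies on the `active` member, the only field RFC 7662 makes REQUIRED in the response.

```python
import time

class TokenRejected(Exception):
    """The introspection response does not authorize this request."""

def check_introspection(resp, issuer, audience, required=(), now=None, leeway=30):
    """Validate a parsed RFC 7662 response for one protected resource.

    issuer, audience, required and leeway are this example's own parameters.
    """
    now = time.time() if now is None else now
    # "active" is the one REQUIRED member; anything but JSON true is a reject.
    if resp.get("active") is not True:
        raise TokenRejected("token is not active")
    # Every other claim is OPTIONAL in the RFC; local policy may insist on some.
    missing = [c for c in required if c not in resp]
    if missing:
        raise TokenRejected("missing required claims: " + ", ".join(missing))
    for claim in ("exp", "nbf", "iat"):
        # type() rather than isinstance() so JSON true/false/null are refused.
        if claim in resp and type(resp[claim]) not in (int, float):
            raise TokenRejected(claim + " is not a numeric timestamp")
    if "exp" in resp and now >= resp["exp"] + leeway:
        raise TokenRejected("token expired")
    if "nbf" in resp and now < resp["nbf"] - leeway:
        raise TokenRejected("token not yet valid")
    if "iat" in resp and resp["iat"] > now + leeway:
        raise TokenRejected("token issued in the future")
    if "iss" in resp and resp["iss"] != issuer:
        raise TokenRejected("unexpected issuer")
    if "aud" in resp:
        aud = resp["aud"]  # a single string or a list of strings
        audiences = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
        if audience not in audiences:
            raise TokenRejected("token not intended for this resource")
    # Hand back only what the resource needs for its authorization decision.
    return {k: resp[k] for k in ("sub", "jti", "scope", "client_id") if k in resp}

# Constructed sample responses (not from the page); NOW is a fixed demo clock.
NOW = 1_700_000_000
SAMPLE_OK = {"active": True, "scope": "read", "client_id": "portal-client",
             "sub": "user-42", "iss": "https://as.example",
             "aud": ["https://api.example"], "iat": NOW - 60, "nbf": NOW - 60,
             "exp": NOW + 3600, "jti": "constructed-id-1"}
SAMPLE_REVOKED = {"active": False}
```

Because every claim except `active` is optional, a resource that depends on `exp` or `aud` should list them in `required` so that a response lacking them is refused rather than silently accepted.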

                  Packages

                  Version Package
                  1.0-portal_7.1.0