[keycloak-user] Keycloak - grant_type when getting a token and token introspection

Dorit Mari Dorit.Mari at audiocodes.com
Mon Jul 23 08:52:54 EDT 2018


Hi,

When an access_token is generated for grant_type authorization_code, can the token be introspected by keycloak server? When trying to introspect such a token, keycloak server constantly replies with { "active": false }. However, when the access_token is generated for grant_type password, introspection works correctly.
Also, if a token generated for grant_type authorization_code can be introspected, does the introspection procedure differ from the usual introspection (a POST request, with an Authorization header that has Basic scheme whose value fits the Client ID and Client Secret, a Content-Type header whose value is "application/x-www-form-urlencoded", and a body whose value is token="the access_token")? In CURL:

curl --user testApp:d7945c1b-7174-4ebb-a481-b3c0bf8991ef -d "token=ey.............NPJW71A" -X POST http://localhost:8080/auth/realms/demo/protocol/openid-connect/token/introspect

Thanks,
Dorit
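
The introspection request described in the message above, as an added Python example that is not part of the original post: it builds the same POST without sending it and decodes the token's own claims locally so that expiry and issuer can be ruled out first. All function names are hypothetical, the sample token is constructed, and the issuer comparison against the realm base URL is an assumption.

```python
import base64, json, time
from urllib.parse import urlencode
from urllib.request import Request

def build_introspection_request(url, client_id, client_secret, token):
    """Build (do not send) the POST described in the message above."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return Request(
        url, data=urlencode({"token": token}).encode(), method="POST",
        headers={"Authorization": f"Basic {basic}",
                 "Content-Type": "application/x-www-form-urlencoded"})

def _b64url(obj):
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sample_token(claims):
    """Constructed, unsigned JWT-shaped token for offline testing only."""
    return ".".join([_b64url({"alg": "none"}), _b64url(claims), "sig"])

def jwt_claims(token):
    """Decode the payload without verifying the signature (diagnostics only)."""
    payload = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def local_findings(token, introspect_url, now=None):
    """Conditions visible in the token itself that are worth ruling out
    before debugging the server's {"active": false} reply."""
    claims = jwt_claims(token)
    now = time.time() if now is None else now
    findings = []
    if claims.get("exp", 0) <= now:
        findings.append("expired")
    # Assumption: "iss" is expected to equal the realm base URL of the endpoint.
    if claims.get("iss") != introspect_url.split("/protocol/")[0]:
        findings.append("issuer-mismatch")
    return findings

if __name__ == "__main__":
    url = "http://localhost:8080/auth/realms/demo/protocol/openid-connect/token/introspect"
    tok = sample_token({"iss": "http://localhost:8080/auth/realms/demo", "exp": 2000})
    req = build_introspection_request(url, "CLIENT_ID", "CLIENT_SECRET", tok)
    print(req.get_method(), req.full_url, req.header_items())
    print(local_findings(tok, url, now=3000))   # expiry checked against a fixed clock
```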