[keycloak-user] "Failed to introspect token" problem
Iván Perdomo
ivan at akvo.org
Tue Jul 18 02:58:45 EDT 2017
Hi,
On 07/17/2017 02:42 PM, Holtgrewe, Manuel wrote:
> OIDCOAuthIntrospectionEndpointParams token_type_hint=requesting_party_token
If you're doing a token introspection of an access token the
token_type_hint should be `access_token` as per RFC.
See the documentation:
https://github.com/keycloak/keycloak-documentation/blob/3.2.0.Final/securing_apps/topics/oidc/oidc-generic.adoc#introspection-endpoint
>From the RFC
> The following is a non-normative example request:
>
> POST /introspect HTTP/1.1
> Host: server.example.com
> Accept: application/json
> Content-Type: application/x-www-form-urlencoded
> Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
>
> token=mF_9.B5f-4.1JqM&token_type_hint=access_token
I have a some sample code in a test case:
https://github.com/iperdomo/keycloak-oauth2-instrospection/blob/master/test.sh#L32-L39
I hope this helps.
--
Iván
More information about the keycloak-user
mailing list