Autional Autional
API Reference GitHub autional.com →

POST /oauth/introspect

OAuth 2.0 token introspection endpoint. Checks token active status, returns token metadata (sub, client_id, scope, exp, etc.). Returns flat JSON (no code/message envelope). Reference: RFC 7662 (Token Introspection).

OAuth None application/x-www-form-urlencoded

Request Parameters

NameInTypeRequiredDefaultExampleConstraintsDescription
token formData string Yes Token to inspect (access_token or refresh_token)

Responses

StatusDescriptionSchema
200Introspection result (active=true includes full token metadata; active=false returns only active field)dto.TokenIntrospectionResponse
400invalid_request: missing token parameter. Reference: RFC 7662 §2.1.dto.OAuthErrorResponse
500server_error: introspection service internal errordto.OAuthErrorResponse

Referenced Schemas

dto.OAuthErrorResponse

OAuth standard error response

FieldTypeRequiredExampleConstraintsDescription
error string No invalid_request Error code
error_description string No Missing required parameter Error description
error_uri string No https://docs.example.com/errors Error URI
state string No state-123 Status

dto.TokenIntrospectionResponse

Token introspection result

FieldTypeRequiredExampleConstraintsDescription
active boolean No True Is active
aud string No auth-ms Audience
client_id string No app-123 Client ID
exp integer No 1713187200 Expiration time
iat integer No 1713183600 Issued at
scope string No openid profile Scope
sub string No usr_abc123 User ID
token_type string No Bearer Token type
username string No user@example.com Username