I have used introspect end point to get token info with Identity Server
5.3.0
I get {'active':false} response even for expired token.*Request :* curl -k -H 'Content-Type: application/x-www-form-urlencoded' -X POST --data 'token=a2c12c81-33fb-3e07-aa5e-c50639011199' https://localhost:9443/oauth2/introspect <https://www.google.com/url?q=https%3A%2F%2Flocalhost%3A9443%2Foauth2%2Fintrospect&sa=D&sntz=1&usg=AFQjCNEpi8QB_64Z4cbYhSNt1Ip7mao6vQ> *Response:* {'active':false} But, if we can have the{ state : expired } that way we can provide a more concrete response to end user. wdyt? Thanks & Regards, Ishara Cooray Senior Software Eng ineer Mobile : +9477 262 9512 WSO2, Inc. | http://wso2.com/ Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
