You can use the OAuth Introspection Endpoint[1] which would be nicer to use since it's the implementation fo the standard OAuth introspection spec[2].
[1] https://docs.wso2.com/display/IS530/Invoke+the+OAuth+Introspection+Endpoint [2] https://tools.ietf.org/html/rfc7662 Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature> On Fri, Apr 28, 2017 at 5:28 PM, Hanen Ben Rhouma <[email protected]> wrote: > Thanks Omindu! > > Farasath, actually we're validating the token through a spring security > filter which is delegating under the hood the real validation to WSO2, we > thought of using the SOAP stub to make the validation; Do you think there > is a nicer approach? > > Regards, > Hanen > > On Fri, Apr 28, 2017 at 1:43 PM, Farasath Ahamed <[email protected]> > wrote: > >> >> >> >> >> On Fri, Apr 28, 2017 at 3:10 PM, Hanen Ben Rhouma <[email protected]> >> wrote: >> >>> Hello, >>> >>> Could you please tell me what are the minimum permissions required for a >>> user to invoke token validation stub. >>> >>> curl --user admin:admin --header "Content-Type: text/xml" --header >>> "SOAPAction: validate" -k -d @soap.xml https://localhost:9443/service >>> s/OAuth2TokenValidationService/ >>> >>> I don't want to use the super admin, what should a normal user have as >>> permissions to be able to do such validation. >>> >>> >> Btw any specific reason why you are using the >> OAuth2TokenValidationService SOAP Service over the OAuth2 introspection >> endpoint? >> >> >>> >>> Regards, >>> Hanen >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
