All Release Notes
OAuth 2.0 Token Introspection
3 August 2017
Enhancement
Security
We implemented OAuth 2.0 Token Introspection according to RFC 7662. It allows to determine the active state of an OAuth 2.0 access token and to determine meta-information about this access token, such as the scope
.
- [API] OAuth 2.0 Token Introspection is available on the auth service.
- [API] The new
introspect_oauth_tokens
scope allows a client to introspect tokens issued to other clients.