All Release Notes

OAuth 2.0 Token Introspection

3 August 2017
Enhancement
Security

We implemented OAuth 2.0 Token Introspection according to RFC 7662. It allows to determine the active state of an OAuth 2.0 access token and to determine meta-information about this access token, such as the scope.

  • [API] OAuth 2.0 Token Introspection is available on the auth service.
  • [API] The new introspect_oauth_tokens scope allows a client to introspect tokens issued to other clients.