Introspect OAuth Token

Validate an OAuth token and retrieve its claims. This is a standard OAuth 2.0 introspection endpoint.

Request

Request Body schema: application/x-www-form-urlencoded

Request body for OAuth token introspection

token required	string The access token to introspect
clientId required	string (OAuth Client ID) non-empty The unique identifier for an OAuth client, automatically generated during client creation
clientSecret required	string (OAuth Client Secret) non-empty The secret key used for OAuth client authentication. This value is only returned upon client creation or secret rotation and should be stored securely.

Responses

200

Token introspection details retrieved successfully

400

Bad request error

401

Invalid credentials

500

Internal server error

post/oauth/introspect

Request samples

curl
JavaScript
Node.js

curl -i -X POST \
  https://api-prod.surfsight.net/v2/oauth/introspect \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d token=string \
  -d clientId=abc123def456 \
  -d clientSecret=secret_abc123xyz789

Response samples

application/json

{"exp": 0,
"iat": 0,
"jti": "string",
"iss": "string",
"sub": "string",
"typ": "string",
"azp": "string",
"accessLevel": "string",
"name": "string",
"source": "string",
"id": 0,
"type": "string",
"email": "string",
"parentResellerId": 0,
"clientId": "abc123def456",
"username": "string",
"tokenType": "string",
"active": true,
"requestId": "06327cae-e075-42ca-b620-c5cfdd3b4e37"
}