3 August 2017
Security and privacy
We implemented OAuth 2.0 Token Introspection according to RFC 7662. It allows to determine the active state of an OAuth 2.0 access token and to determine meta-information about this access token, such as the
scope
.- [API] OAuth 2.0 Token Introspection is available on the auth service.
- [API] The new
introspect_oauth_tokens
scope allows a client to introspect tokens issued to other clients.