Hi Ishara, The '*active*' parameter is mandatory according to the Introspection spec[1], to indicate the status of the token.
If we are to send something like what you have suggested we could do so by using a custom attribute in response. But then again that would be something specific to our implementation and would not be understood by standard clients right? [1] https://tools.ietf.org/html/rfc7662#section-2.2 Thanks, Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature> On Fri, Dec 2, 2016 at 10:38 PM, Ishara Cooray <isha...@wso2.com> wrote: > I have used introspect end point to get token info with Identity Server > 5.3.0 > I get {'active':false} response even for expired token. > > *Request :* > curl -k -H 'Content-Type: application/x-www-form-urlencoded' -X POST > --data 'token=a2c12c81-33fb-3e07-aa5e-c50639011199' > https://localhost:9443/oauth2/introspect > <https://www.google.com/url?q=https%3A%2F%2Flocalhost%3A9443%2Foauth2%2Fintrospect&sa=D&sntz=1&usg=AFQjCNEpi8QB_64Z4cbYhSNt1Ip7mao6vQ> > > *Response:* > {'active':false} > > But, if we can have the{ state : expired } that way we can provide a more > concrete response to end user. > > wdyt? > > Thanks & Regards, > Ishara Cooray > Senior Software Eng > > ineer > Mobile : +9477 262 9512 <+94%2077%20262%209512> > WSO2, Inc. | http://wso2.com/ > Lean . Enterprise . Middleware > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
