[Openid-specs-ab] Generic introspection endpoint

Nat Sakimura sakimura at gmail.com
Tue Jul 26 15:52:53 UTC 2011


So, could it be something like:

Request Parameters:

- token: access_token, etc.

Response:

HTTP response: 200 OK if it is valid. 404 Not found.

I am not sure if 404 is fine or something like 406 is more appropriate.

=nat

On Tue, Jul 26, 2011 at 10:49 PM, Justin Richer <jricher at mitre.org> wrote:

> I think there's value in it as a general endpoint, especially if others
> have been already doing it. We're currently looking at returning the
> scope and expiration of a token if it's valid, and a 404 if it's not
> valid.
>
>  -- Justin
>
> On Mon, 2011-07-25 at 11:11 -0400, John Bradley wrote:
> > It is something that a number of people like SalesForce do.
> >
> > I don't think it has been generalized yet.
> >
> > Perhaps we should consider proposing it as a more general OAuth endpoint.
> >
> > John B.
> > On 2011-07-25, at 10:47 AM, Justin Richer wrote:
> >
> > > Is there a generic mechanism for the introspection endpoint as
> described
> > > in the connect spec? In that, I have a use for an endpoint that an
> > > oauth2 protected resource can just throw a token at and get a yes/no
> > > type response.
> > >
> > > If this exists out there, can someone point me to the documentation? If
> > > this hasn't been genericized by the group, I'd like to request that we
> > > do so with it.
> > >
> > > -- Justin
> > >
> > > _______________________________________________
> > > Openid-specs-ab mailing list
> > > Openid-specs-ab at lists.openid.net
> > > http://lists.openid.net/mailman/listinfo/openid-specs-ab
> >
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>



-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110727/0d357b98/attachment-0001.html>


More information about the Openid-specs-ab mailing list