Copyright © Cloud Software Group, Inc. All Rights Reserved
Copyright © Cloud Software Group, Inc. All Rights Reserved


Chapter 13 OAuth Server : Token Validation API
Token Validation API
To validate an access token issued by the authorization server of TIBCO API Exchange Gateway, use the following API:
Name
/access_token
Description
Validates the access token and returns the token information.
Token Validation Request
To send a validate access token request, use the following parameters to the query component of the authorization endpoint URI using the "application/x-www-form-urlencoded" format in the HTTP GET request:
Table 137 Token Validation API Parameters
Parameter
Description
access_token
Specifies the access_token issued by the authorization server.
Required.
Token Validation Request Example
To validate an access token issued by the authorization server, send an HTTP GET request using TLS with the following parameter:
Send the following HTTP request using TLS:
 
GET /asg/oauth2/access_token/2YotnFZFEjr1zCsicMWpAA HTTP/1.1
Host: server.example.com
 
Token Validation Response
If the access token request is valid and authorized, the resource server returns the data associated with the access token, which can be used to query the resources.
Table 138 Token Validation Response Parameters
Parameter
Description
access_token
Specifies the access_token issued by the authorization server.
Required.
resource_uri
Optional, if identical to the scope requested by the client; otherwise, Required.
access_token
Optional, if identical to the scope requested by the client; otherwise, Required.
Token Validation Response Example
The successful response is as follows:
 
 
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
{
"access_token":"2YotnFZFEjr1zCsicMWpAA",
"expires_in":3600,
"resource_uri":"https://fairlawn.bookclub.org/member/friend",
"scope":"friends"
}
 
 
Token Validation Error
The authorization server responds with an HTTP 400 (Bad Request) status code (unless specified otherwise) and includes the following parameters with the response:
Table 139 Token Validation Error Parameters
Parameter
Description
error
Specifies a single error code returned from the authorization server.
Required.
Refer to table Token Validation Error Codes for the error codes.
 
Table 140 Token Validation Error Codes
Error Code
Description
invalid_request
 
The request is missing a required parameter, includes an unsupported parameter value (other than grant type), repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
invalid_grant
 
The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
error_description
 
Optional. Human-readable ASCII [USASCII] text providing additional information, used to assist the client developer in understanding the error that occurred.
error_uri
 
Optional. A URI identifying a human-readable web page with information about the error, used to provide the client developer with additional information about the error.
 
* 
Values for the invalid_grant, error_description, and error_uri, parameters must not include characters outside the set %x20-21 / %x23-5B / %x5D-7E.
Token Validation Error Example
The error response is a HTTP response using the "application/json" media type as follows:
 
HTTP/1.1 400 Bad Request
    Content-Type: application/json;charset=UTF-8
    Cache-Control: no-store
    Pragma: no-cache
{
        "error":"invalid_grant"
}
 
 
 
Copyright © Cloud Software Group, Inc. All Rights Reserved
Copyright © Cloud Software Group, Inc. All Rights Reserved