From 12402a268faf808c134530f425a9b79adb94a3f2 Mon Sep 17 00:00:00 2001 From: Christian Bouvier Date: Mon, 15 Oct 2018 09:05:33 -0300 Subject: [PATCH] Fixed title underline too short --- docs/sections/tokenintrospection.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/sections/tokenintrospection.rst b/docs/sections/tokenintrospection.rst index db7d989..448dc4f 100644 --- a/docs/sections/tokenintrospection.rst +++ b/docs/sections/tokenintrospection.rst @@ -1,12 +1,12 @@ .. _tokenintrospection: Token Introspection -################## +################### The `OAuth 2.0 Authorization Framework `_ extends its scope with many other speficications. One of these is the `OAuth 2.0 Token Introspection (RFC 7662) `_ which defines a protocol that allows authorized protected resources to query the authorization server to determine the set of metadata for a given token that was presented to them by an OAuth 2.0 client. Client Setup -==== +============ In order to enable this feature, some configurations must be performed in the ``Client``. - The scope key:``token_introspection`` must be added to the client's scope. @@ -16,7 +16,7 @@ If ``OIDC_INTROSPECTION_VALIDATE_AUDIENCE_SCOPE`` is set to ``True`` then: - The ``client_id`` must be added to the client's scope. Introspection Endpoint -==== +====================== The introspection endpoint ``(/introspect)`` is an OAuth 2.0 endpoint that takes a parameter representing an OAuth 2.0 token and returns a JSON document representing the meta information surrounding the token. The introspection endpoint its called using an HTTP POST request with parameters sent as *"application/x-www-form-urlencoded"* and **Basic authentication** (``base64(client_id:client_secret``). @@ -47,7 +47,7 @@ Example Response:: } Introspection Endpoint Errors -==== +============================= In case of error, the Introspection Endpoint will return a JSON document with the key ``active: false`` Example Error Response::