Fixed title underline too short
This commit is contained in:
Christian Bouvier
parent
f743e23cc4
commit
12402a268f
1 changed files with 4 additions and 4 deletions
|
|
@ -1,12 +1,12 @@
|
||||||
.. _tokenintrospection:
|
.. _tokenintrospection:
|
||||||
|
|
||||||
Token Introspection
|
Token Introspection
|
||||||
##################
|
###################
|
||||||
|
|
||||||
The `OAuth 2.0 Authorization Framework <https://tools.ietf.org/html/rfc6749>`_ extends its scope with many other speficications. One of these is the `OAuth 2.0 Token Introspection (RFC 7662) <https://tools.ietf.org/html/rfc7662>`_ which defines a protocol that allows authorized protected resources to query the authorization server to determine the set of metadata for a given token that was presented to them by an OAuth 2.0 client.
|
The `OAuth 2.0 Authorization Framework <https://tools.ietf.org/html/rfc6749>`_ extends its scope with many other speficications. One of these is the `OAuth 2.0 Token Introspection (RFC 7662) <https://tools.ietf.org/html/rfc7662>`_ which defines a protocol that allows authorized protected resources to query the authorization server to determine the set of metadata for a given token that was presented to them by an OAuth 2.0 client.
|
||||||
|
|
||||||
Client Setup
|
Client Setup
|
||||||
====
|
============
|
||||||
In order to enable this feature, some configurations must be performed in the ``Client``.
|
In order to enable this feature, some configurations must be performed in the ``Client``.
|
||||||
|
|
||||||
- The scope key:``token_introspection`` must be added to the client's scope.
|
- The scope key:``token_introspection`` must be added to the client's scope.
|
||||||
|
|
@ -16,7 +16,7 @@ If ``OIDC_INTROSPECTION_VALIDATE_AUDIENCE_SCOPE`` is set to ``True`` then:
|
||||||
- The ``client_id`` must be added to the client's scope.
|
- The ``client_id`` must be added to the client's scope.
|
||||||
|
|
||||||
Introspection Endpoint
|
Introspection Endpoint
|
||||||
====
|
======================
|
||||||
The introspection endpoint ``(/introspect)`` is an OAuth 2.0 endpoint that takes a parameter representing an OAuth 2.0 token and returns a JSON document representing the meta information surrounding the token.
|
The introspection endpoint ``(/introspect)`` is an OAuth 2.0 endpoint that takes a parameter representing an OAuth 2.0 token and returns a JSON document representing the meta information surrounding the token.
|
||||||
|
|
||||||
The introspection endpoint its called using an HTTP POST request with parameters sent as *"application/x-www-form-urlencoded"* and **Basic authentication** (``base64(client_id:client_secret``).
|
The introspection endpoint its called using an HTTP POST request with parameters sent as *"application/x-www-form-urlencoded"* and **Basic authentication** (``base64(client_id:client_secret``).
|
||||||
|
|
@ -47,7 +47,7 @@ Example Response::
|
||||||
}
|
}
|
||||||
|
|
||||||
Introspection Endpoint Errors
|
Introspection Endpoint Errors
|
||||||
====
|
=============================
|
||||||
In case of error, the Introspection Endpoint will return a JSON document with the key ``active: false``
|
In case of error, the Introspection Endpoint will return a JSON document with the key ``active: false``
|
||||||
|
|
||||||
Example Error Response::
|
Example Error Response::
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue