
IdSrv4 - Access Token Validator EndPoint


I set up an Identity Server 4 server. In identity server 3 we have the endpoint available, so we can do the following:

POST /connect/accesstokenvalidation

token=<token>

I supposed it would be the same on Identity Server 4, but I get a 404 NOT FOUND. Then I went to http://my-endpoint.com/.well-known/openid-configuration, and the endpoint is not present.

Should I set up something to make it available on identity server 4?


Solution

  • It is the Introspection Endpoint.

    POST /connect/introspect
    Authorization: Basic xxxyyy
    
    token=<token>
    

    To authorize, use the HTTP Basic authorization flow: combine a <scope>:<scope_secret> pair and convert it into a Base64-encoded string (xxxyyy in the example above). The scope_secret value can be specified in the ApiResource definition:

    new ApiResource("myapi", "My API")
    {
        Scopes = {new Scope("post-myapi")},
        ApiSecrets = new List<Secret> {new Secret("any_string_you_like".Sha256())},
    }
    

    Then, the POST request above should return a response similar to:

    {
        "nbf": 1491850954,
        "exp": 1491854554,
        "iss": "api-auth",
        "aud": [
            "api-auth/resources",
            "myapi"
        ],
        "client_id": "foo",
        "scope": "post-myapi",
        "active": true
    }
    

    Full request (copied from Postman):

    POST /connect/introspect HTTP/1.1
    Host: localhost:6000
    Authorization: Basic YXBpLWlzc3VlczpzY29wZVNlY3JldA==
    Content-Type: application/x-www-form-urlencoded
    
    token=.......
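
The request and response from the answer above, as an added C# example that is not part of the original post or of IdentityServer4's own code. It builds the `POST /connect/introspect` request and accepts a token only when the response says `active: true` and carries the expected scope. The class and method names are hypothetical, the sample responses are constructed, and the name/secret pair `api-issues:scopeSecret` is what the Base64 value in the full request decodes to.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Json;

public static class IntrospectionExample   // hypothetical name, for illustration only
{
    // Builds the POST /connect/introspect request shown in the answer.
    public static HttpRequestMessage BuildRequest(Uri authority, string name, string secret, string token)
    {
        // Base64 is an encoding, not encryption: the name:secret pair can be read back
        // from the header, so the request needs transport protection (TLS).
        string basic = Convert.ToBase64String(Encoding.UTF8.GetBytes(name + ":" + secret));
        var request = new HttpRequestMessage(HttpMethod.Post, new Uri(authority, "/connect/introspect"));
        request.Headers.Authorization = new AuthenticationHeaderValue("Basic", basic);
        // FormUrlEncodedContent sets Content-Type: application/x-www-form-urlencoded.
        request.Content = new FormUrlEncodedContent(new Dictionary<string, string> { ["token"] = token });
        return request;
    }

    // Fail closed: the token is usable only if "active" is the JSON literal true
    // and the space-delimited "scope" string contains the scope this API requires.
    public static bool IsUsable(string json, string requiredScope)
    {
        using JsonDocument doc = JsonDocument.Parse(json);
        JsonElement root = doc.RootElement;
        if (!root.TryGetProperty("active", out JsonElement active) || active.ValueKind != JsonValueKind.True)
            return false;
        if (!root.TryGetProperty("scope", out JsonElement scope) || scope.ValueKind != JsonValueKind.String)
            return false;
        return Array.IndexOf(scope.GetString().Split(' '), requiredScope) >= 0;
    }

    public static void Main()
    {
        // Host and credentials taken from the full request in the answer; "<token>" is a placeholder.
        var request = BuildRequest(new Uri("http://localhost:6000"), "api-issues", "scopeSecret", "<token>");
        Console.WriteLine(request.Headers.Authorization);

        // Constructed sample responses, modelled on the response shown in the answer.
        string activeJson = "{\"client_id\":\"foo\",\"scope\":\"post-myapi\",\"active\":true}";
        string inactiveJson = "{\"active\":false}";
        Console.WriteLine(IsUsable(activeJson, "post-myapi"));
        Console.WriteLine(IsUsable(inactiveJson, "post-myapi"));
    }
}
```

An expired, revoked or unknown token comes back as a 200 response with `"active": false`, so the HTTP status alone does not say whether the token is valid.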