Introspect return 403 forbidden

Lyle · May 28, 2020, 4:16am

Hi There,

Greetings!
Actually this morning I used the authorize endpoint to get a SPA token
https://dev-243304.okta.com/oauth2/ausd202ekYITQSbIx4x6/v1/authorize?client_id=0oackhenpmuDhtpV34x6&response_type=token&scope=openid&redirect_uri=
https%3A%2F%2Fapp.getpostman.com%2Foauth2%2Fcallback&nonce=UBGW2&state=123

then I sent a post request in the postman to the introspect endpoint with the access token in the authentication header, the response status is 200. Everything is fine.

However, after a while, I tried again to get a new token and send to introspect endpoint, every time the response status is 403 forbidden. But the access token can be parsed by the jwt.io debugger correctly.

So that means the same operation but only work for the very first time. (note: I also tried different nonce and state, but the result is 403 forbidden)

Any idea about this?

Thanks & Regards,
Lyle

dragos · May 28, 2020, 6:31am

Hi @Lyle

Can you please clear the cookies that you have stored in Postman and try once again? The previous cookies might conflict with the request.

The cookies can be cleared from the Cookies section underneath the “Send” button on top right side of the application.

Lyle · May 28, 2020, 7:35am

Thanks dragos. it’s really related to cookie. after I clear all cookie, now inspection can work. Thank you very much.

system · January 24, 2024, 7:54pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
POST oath2/default/v1/introspect getting 404 Questions	8	7063	April 6, 2020
Introspection endpoint returning active as false Questions	4	7287	January 2, 2019
Introspect endpoint Questions	5	5541	January 24, 2024
Issue with /introspect Questions	7	9685	November 8, 2019
Introspect endpoint always returns false Questions	2	4418	May 28, 2021

Introspect return 403 forbidden

Related topics