I am trying to use the introspect endpoint; however, every time I try to introspect an access_token I get:
{“error”:“invalid_client”,“error_description”:“Client authentication failed. Either the client or the client credentials are invalid.”}
My search on the issue led me here: Issue with /introspect
and that indicates that, indeed, all I should need is to pass the client_id to the introspect endpoint.
The validation SDK from OKTA for node.js works as well. So, I know for certain it is something I am doing wrong.
I’m posting this here because it is purely a test environment I have setup with no actual ties to anything.
curl -H “Content-type:application/x-www-form-urlencoded” -v -X POST https://dev-595716.okta.com/oauth2/default/v1/introspect -d “client_id=0oa18vuneRem3YFas4x6&token_type_hint=access_token&token=eyJraWQiOiI1LVJ0bmNxZ0JFeHUwa2lZXzFsbmtJN0h5YXphOURfR3VfekQxRzNWU2xjIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULnc1bEo3LVl5bUF0SDJCN1Zub2IxQXZGT1JmWlJiQmdDSXBCMHYxT00waTgiLCJpc3MiOiJodHRwczovL2Rldi01OTU3MTYub2t0YS5jb20vb2F1dGgyL2RlZmF1bHQiLCJhdWQiOiJhcGk6Ly9kZWZhdWx0IiwiaWF0IjoxNTgwNjM0MTA2LCJleHAiOjE1ODA2Mzc3MDYsImNpZCI6IjBvYTE4dmcydkFURGNIUEx5NHg2Iiwic2NwIjpbImZ1bGxfYWNjZXNzIl0sInN1YiI6IjBvYTE4dmcydkFURGNIUEx5NHg2In0.YilPVfIC3kwi_Os7TRb240NnaRCNI346ZF2PRP9S2l-dgFxWRGVcCr9R7VP3UgxNLHPF61yZWDE3Njg6rzRtGaycqBqw_GsoTY7GGhr0S3uThlkqFlmM0TKUyjgnowkIHjavmD5HO0u7zjWeDKc67sR7kOgkRO_Of1M_PAbRKg7LbA_4exJnPjZVSP_ALJ-zGLqn0tbxYPxx5P_Gc0SzcPSKdSg0Js3ygK9-z2l_4ptbHr6ycz9jIDh8wrKT26cI2qEdjevpjdh9qNCNjaCqMCXP8Kl9yCA0jIqw-ipe09XE_rBMc90qiUlQ3vzVYOWx3VIVbxNNd_nWKs1K6fbkbA”
I ensured that the token was generated for the same client.
Could anyone please shed light on what on earth I am doing wrong?
Thank you very much!