I’m trying to introspect a token, but getting a 404 when POSTING to:
https://dev-845984.oktapreview.com/oath2/default/v1/introspect
I have the client_id and token in the body, as x-www-form-urlencoded.
Specifically, the request returns the html for the Okta 404 page.
Based on https://developer.okta.com/docs/api/resources/oidc/#introspect , this looks like the correct endpoint to me. Can someone assist?
The url should be:
https://dev-845984.oktapreview.com/oauth2/default/v1/introspect
instead of:
https://dev-845984.oktapreview.com/oath2/default/v1/introspect
Thank you. I can’t believe I missed that.
I’m now getting a ‘invalid_client’ and ‘No client credentials found’ error. I’ve tried including the client_id that I’ve copied from my SPA configuration in both the body as ‘client_id’ and the query params – neither seems to change it. Any ideas?
The post request should be similar:
You can try using postman to see if it returns the correct response. It is working for my oktapreview client.
error:
{
“errorCode”: “E0000021”,
“errorSummary”: “Bad request. Accept and/or Content-Type headers likely do not match supported values.”,
“errorLink”: “E0000021”,
“errorId”: “oaeiKOMRfs7S3SFLEaMqZRdxg”,
“errorCauses”: []
}
The response is bad request 400. I am unable to find it, why it is giving such kind of errror. Please help.
Thank you
Hi @Shubham6541
The error occurs when Accept and Content-Type headers are not added or have an invalid value. Here is a small cURL example for using the introspect endpoint.
curl --location --request POST 'https://dragos.okta.com/oauth2/default/v1/introspect' \
--header 'Accept: application/json' \
--header 'Authorization: Basic MG9hN...' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'token=TOKEN'
Thanx, Here I was missing Content-type: …
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.