WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued which can be used by the resource server. This section guides you through calling the SOAP service using the SOAP UI.
<IS_HOME>/repository/conf/carbon.xmlfile and set the
<HideAdminServiceWSDLs>property to false.
Note: This step is just to make the admin services WSDL accessible. Once the service WSDL is taken, revert this change to hide admin service WSDLs
- Restart the server to make the changes effective.
- Go to the SOAP UI and give the WSDL location.
Service Name: OAuth2TokenValidationService
- Provide the following parameters to call the validate method as seen below.
- Since this validation service is an admin service, a valid user name and password needs to be provided in order to consume the service.
- Identifier value is the token to be validated.
- If the user claims are also required while validating the access token, a list of claim URIs can be provided as well.
- The response will contain details on the authorized user for the token, whether the token is valid and how many more seconds for which the token is valid. If an error occurred while validating the token, it can be sent as the error message.