WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the resource server. This section guides you through calling the SOAP service using the SOAP UI.
The relevant code segment in the sample webapp WSO2 playground2 for OAuth2 can be found here.
<IS_HOME>/repository/conf/carbon.xmlfile and set the
<HideAdminServiceWSDLs>property to false.
Note: This step is just to make the admin services WSDL accessible. Once the service WSDL is taken, revert this change to hide admin service WSDLs.
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. --> <HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
Restart the server to make the changes effective.
- Go to the SOAP UI and give the WSDL location.
Service Name: OAuth2TokenValidationService
- Provide the following parameters to call the validate method as seen below.
- Since this validation service is an admin service, a valid user name and password needs to be provided in order to consume the service.
- Identifier value is the token to be validated.
- If the user claims are also required while validating the access token, a list of claim URIs can be provided as well.
- The response will contain details on the authorized user for the token, whether the token is valid and how many more seconds for which the token is valid. If an error occurred while validating the token, it can be sent as the error message.
In order to get the user claims of the authorized user as a JWT token with the validation response, see JWT Token Generation.