WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the resource server.
- Invoke the OAuth Introspection Endpoint
- OAuth Token Validation Using SOAP Service
- OAuth Transaction Logs
However from these 2 methods, the recommended approach is to use the REST API given above.
If subject identifier in the token validation response needs to adhere to the "Use tenant domain in local subject identifier" and "Use user store domain in local subject identifier" configurations in service provider, uncomment below configuration in <IS_HOME>/repository/conf/identity/identity.xml.
- Default value of this property is false.
- If the value is false, subject identifier will be set as the fully qualified username.