This documentation is in progress and includes all updates released after Identity Server 5.4.1. For documentation specific to a version, see About This Release.
OAuth2 Token Validation and Introspection - WSO2 Identity Server 5.x.x - WSO2 Documentation
Skip to end of metadata
Go to start of metadata

WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the resource server.

However from these 2 methods, the recommended approach is to use the REST API given above.

If subject identifier in the token validation response needs to adhere to the "Use tenant domain in local subject identifier" and "Use user store domain in local subject identifier" configurations in service provider, uncomment below configuration in <IS_HOME>/repository/conf/identity/identity.xml.

  • Default value of this property is false.
  • If the value is false, subject identifier will be set as the fully qualified username.