import { IntrospectionResponse } from "https://deno.land/x/authlete_deno@v1.2.10/src/dto/introspection_response.ts";
Enums
The next action that the service implementation should take. |
import { IntrospectionResponse } from "https://deno.land/x/authlete_deno@v1.2.10/src/dto/introspection_response.ts";
Response from Authlete /auth/introspection
API.
Properties
The target resources of the access token.
The target resources this property has may be the same as or
different from the ones resources
property has.
In some flows, the initial request and the subsequent token request
are sent to different endpoints. Example flows are the Authorization
Code Flow, the Refresh Token Flow, the CIBA Ping Mode, the CIBA
Poll Mode and the Device Flow. In these flows, not only the initial
request but also the subsequent token request can include the
resource
request parameters. The purpose of the resource
request
parameters in the token request is to narrow the range of the target
resources from the original set of target resources requested by
the preceding initial request. If narrowing down is performed,
the target resources the resources
property has and the ones
this property has are different. The value of this property is
the narrowed set of target resources.
See "Resource Indicators for OAuth 2.0" for details.
The next action the service implementation should take.
The authorization details. This represents the value of the
authorization_details
request parameter which is defined in
"OAuth 2.0 Rich Authorization Requests".
The client certificate thumbprint used to validate the MTLS-bound access token.
Arbitrary attributes associated with the client.
The client ID alias when the authorization request or the token request for the access token was made. Note that this value may be different from the current client ID alias.
Flag which indicates whether the client ID alias was used when the authorization request or the token request for the access token was made.
The time at which the access token expires in milliseconds since the Unix epoch (1970-01-01).
Extra properties associated with the access token.
The target resources. This represents the resources specified by
the resource
request parameters or by the resource
property
in the request object.
See "Resource Indicators for OAuth 2.0" for details.
Arbitrary attributes associated with the service.
The subject (= resource owner's ID).
This property is not set if the access token was generated by Client Credentials Grant, which means that the access token is not associated with any specific end-user.