Skip to main content
Module

x/authlete_deno/mod.ts>IntrospectionResponse

Authlete Library for Deno
authlete/authlete-deno
Latest
namespace IntrospectionResponse
Re-export
import { IntrospectionResponse } from "https://deno.land/x/authlete_deno@v1.2.10/mod.ts";

Enums

The next action that the service implementation should take.

class IntrospectionResponse
extends ApiResponse
Re-export
import { IntrospectionResponse } from "https://deno.land/x/authlete_deno@v1.2.10/mod.ts";

Response from Authlete /auth/introspection API.

Properties

optional
accessTokenResources: string[]

The target resources of the access token.

The target resources this property has may be the same as or different from the ones resources property has.

In some flows, the initial request and the subsequent token request are sent to different endpoints. Example flows are the Authorization Code Flow, the Refresh Token Flow, the CIBA Ping Mode, the CIBA Poll Mode and the Device Flow. In these flows, not only the initial request but also the subsequent token request can include the resource request parameters. The purpose of the resource request parameters in the token request is to narrow the range of the target resources from the original set of target resources requested by the preceding initial request. If narrowing down is performed, the target resources the resources property has and the ones this property has are different. The value of this property is the narrowed set of target resources.

See "Resource Indicators for OAuth 2.0" for details.

action: IntrospectionResponse.Action

The next action the service implementation should take.

optional
authorizationDetails: AuthzDetails

The authorization details. This represents the value of the authorization_details request parameter which is defined in "OAuth 2.0 Rich Authorization Requests".

optional
certificateThumbprint: string

The client certificate thumbprint used to validate the MTLS-bound access token.

optional
clientAttributes: Pair[]

Arbitrary attributes associated with the client.

clientId: number

The client ID.

optional
clientIdAlias: string

The client ID alias when the authorization request or the token request for the access token was made. Note that this value may be different from the current client ID alias.

clientIdAliasUsed: boolean

Flag which indicates whether the client ID alias was used when the authorization request or the token request for the access token was made.

existent: boolean

Flag to indicate whether the access token exists.

expiresAt: number

The time at which the access token expires in milliseconds since the Unix epoch (1970-01-01).

optional
properties: Property[]

Extra properties associated with the access token.

refreshable: boolean

Flag to indicate whether the access token is refreshable.

optional
resources: string[]

The target resources. This represents the resources specified by the resource request parameters or by the resource property in the request object.

See "Resource Indicators for OAuth 2.0" for details.

responseContent: string

Entity body of the response to the client.

optional
scopes: string[]

The scopes covered by the access token.

optional
serviceAttributes: Pair[]

Arbitrary attributes associated with the service.

optional
subject: string

The subject (= resource owner's ID).

This property is not set if the access token was generated by Client Credentials Grant, which means that the access token is not associated with any specific end-user.

sufficient: boolean

Flag to indicate whether the access token covers the required scopes.

usable: boolean

Flag to indicate whether the access token is usable (= exists and has not expired).