[SalesForce] Token Introspection endpoint, “invalid client credentials”

I'm working with a connected app which is using the JWT Bearer Token flow for API access. Generating access tokens and using them for API calls is working fine. When I use the Token Introspection to check the status of an access token I'm getting an "invalid client credentials" error.

request:{
  path:"",
  headers:{
    'Content-Type':"application/x-www-form-urlencoded",
    Accept:"application/json"
  },
  parameters:{
  },
  endpoint:"https://REDACTED_DOMAIN.lightning.force.com/services/oauth2/introspect",
  body:{
    token:"****",
    client_id:"****",
    client_secret:"****",
    token_type_hint:"access_token"
  }
},
service:null,
operation:null,
status:401,
reason:"Unauthorized",
body:{
  error:"invalid_client",
  error_description:"invalid client credentials"
},

According to the documentation I need to pass in a client_id and client_secret value for authorization. The documentation does not clearly state where these values are defined on the connected app.

  • For the client_id I'm using the "Consumer Key" listed on the connected App's "Manage" page. The example appears to be in the same format.
  • For the client_secret I'm using the "Consumer Secret" listed on the connected App's "Manage" page. The example does not appear to be in the same format; however, there is no value on the App's "Manage" page that matches the format in the example.

The connected app has the setting "Introspect All Tokens" enabled.

Anyone have any experience with this and can point me in the right direction?

Best Answer

I was able to solve the issue. My parameters were correct; however, the endpoint is very strict about the ContentType. My application was using a JSON ContentType and payload, which it did not recognize. After changing the ContentType to application/x-www-form-urlencoded, it accepted the params and validated the token.
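The fix described in the answer, as an added example that is not part of the original post: it builds the introspection POST with a form-encoded body and shows why a JSON body surfaces as `invalid_client`. The function names are hypothetical, and `form_params` and `simulate_endpoint` are constructed stand-ins that assume a form-only parser; they are not Salesforce's implementation.

```python
import json
import urllib.request
from urllib.parse import parse_qs, urlencode

FORM = "application/x-www-form-urlencoded"
# Endpoint as redacted in the question; credentials below are placeholders.
ENDPOINT = "https://REDACTED_DOMAIN.lightning.force.com/services/oauth2/introspect"


def build_introspect_request(endpoint, token, client_id, client_secret):
    """Build the introspection POST with a form-encoded body (RFC 7662, section 2.1)."""
    body = urlencode({
        "token": token,
        "token_type_hint": "access_token",
        "client_id": client_id,
        "client_secret": client_secret,  # percent-encoded, so '&', '+', '=' survive
    }).encode("ascii")
    headers = {"Content-Type": FORM, "Accept": "application/json"}
    return urllib.request.Request(endpoint, data=body, headers=headers, method="POST")


def form_params(content_type, body):
    """Constructed stand-in: the parameters a form-only endpoint would see."""
    if content_type.split(";")[0].strip().lower() != FORM:
        return {}  # a JSON body is never parsed into parameters
    return {k: v[0] for k, v in parse_qs(body.decode("ascii")).items()}


def simulate_endpoint(content_type, body):
    """Constructed stand-in: reject when no client credentials were parsed."""
    params = form_params(content_type, body)
    if not params.get("client_id") or not params.get("client_secret"):
        return 401, {"error": "invalid_client",
                     "error_description": "invalid client credentials"}
    return 200, {"active": True}  # placeholder success body


if __name__ == "__main__":
    creds = {"token": "TOKEN", "client_id": "CONSUMER_KEY", "client_secret": "s3cr&t+="}
    req = build_introspect_request(ENDPOINT, **creds)
    print(simulate_endpoint(req.get_header("Content-type"), req.data))
    print(simulate_endpoint("application/json", json.dumps(creds).encode()))
```

Because the body carries the client secret, keep request bodies out of debug logs when troubleshooting this call.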
