Mono Colombia
GuidesAPI reference
Bre-B participantAuthentication

Introspect token

OAuth 2.0 token introspection endpoint (RFC 7662).

Use this endpoint to determine the active state and metadata of an access token or refresh token. This is useful for resource servers to validate tokens and retrieve their associated information.

Supported Content Types:

  • application/x-www-form-urlencoded (standard OAuth 2.0)
  • application/json

Response:

  • If the token is active, returns token metadata including client_id, scope, expiration, etc.
  • If the token is inactive, expired, or invalid, returns {"active": false}
POST
/api/v1/oauth/introspect

Request Body

Token introspection request

client_idstring

Client identifier issued during registration

Example"your_client_id"
client_secretstring

Client secret issued during registration

Example"your_client_secret"
grant_typestring

OAuth 2.0 grant type (must be 'introspect')

Value in"introspect"
Example"introspect"
tokenstring

The token to introspect (access token or refresh token)

Example"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."

Response Body

application/json

application/json

application/json

curl -X POST "https://breb-participant.cert.monoban.co/api/v1/oauth/introspect" \  -H "Content-Type: application/json" \  -d '{    "client_id": "your_client_id",    "client_secret": "your_client_secret",    "grant_type": "introspect",    "token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."  }'
{
  "active": true,
  "client_id": "your_client_id",
  "exp": 1735689600,
  "iat": 1735686000,
  "iss": "https://api.example.com",
  "scope": "example example:readonly",
  "sub": "usr_1A2B3C4D5E6F7G8H9I0J1K",
  "username": "user@example.com"
}
{
  "error": "invalid_client",
  "error_description": "Client authentication failed"
}
{
  "error": "invalid_client",
  "error_description": "Client authentication failed"
}

Obtain access token POST

Previous Page

Revoke token POST

Next Page