OAuth Token Validation Using SOAP Service¶
WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the resource server. This section guides you through calling the SOAP service using the SOAP UI.
Add the following configuration property to the
deployment.tomlfile in the
<IS_HOME>/repository/conffolder to enable admin service WSDLs.
This step is just to make the admin services WSDL accessible. Once the service WSDL is taken, set the property to false hide admin service WSDLs.
[admin_service.wsdl] enable = true
Restart the server to make the changes effective.
Go to the SOAP UI and give the WSDL location.
Service Name: OAuth2TokenValidationService
WSDL location: https://localhost:9443/services/OAuth2TokenValidationService?wsdl
Provide the following parameters to call the validate method as seen below.
You can obtain oauth token by following the tutorial OAuth 2.0 with WSO2 Playground
- Since this validation service is an admin service, a valid user name and password needs to be provided in order to consume the service.
- Identifier value is the token to be validated.
- If the user claims are also required while validating the access token, a list of claim URIs can be provided as well.
- The response will contain details on the authorized user for the token, whether the token is valid and how many more seconds for which the token is valid. If an error occurred while validating the token, it can be sent as the error message.
In order to get the user claims of the authorized user as a JWT token with the validation response, see JWT Token Generation.