OAuth2 Token Validation and Introspection¶

WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the resource server.

• Invoke the OAuth Introspection Endpoint
• OAuth Token Validation Using SOAP Service
• OAuth Transaction Logs

However from these 2 methods, the recommended approach is to use the REST API given above.

If subject identifier in the token validation response needs to adhere to the " Use tenant domain in local subject identifier" and " Use user store domain in local subject identifier" configurations in service provider, add the following configuration to the <IS_HOME>/repository/conf/deployment.toml file .

[oauth]
validation_response_subject_identifier_format= "app_configured"

• Default value of this property is false.
• If the value is false, subject identifier will be set as the fully qualified username.