Closed nithinM closed 4 years ago
Hello @nithinM . That {"active":false} in the introspecition endpoint response means that the token you are using is not active for some reason.
If you read here: https://www.oauth.com/oauth2-servers/token-introspection-endpoint/
active - Required. This is a boolean value of whether or not the presented token is currently active. The value should be “true” if the token has been issued by this authorization server, has not been revoked by the user, and has not expired.
So may be the token is expired for some reason or the user is disabled for some reason. Try to:
Let me know if this helps
Hi @d4rkstar, Thank you for your explanation. I figured out the reason for the issue. It happened because of the HOST issue. I used the localhost as the host to request the Token. Since I used HOST IP for introspection endpoint, then it causes the issue. After I use the same HOST IP to request the Token, the problem sorted out.
Thank you!
Hello, glad you found the cause!
Hi there, After following all your steps correctly in the final step I'm getting invalid token error. When I curl the token endpoint I got below response. Seems to be it's okay.
But when I curl to the mock endpoint with access_token I'm getting 401 - invalid token response.
How can I debug this? Your thoughts are really appreciated.
Thank you!
P.S I checked the kong container logs and got following