Description
Validating tokens serves to determine that a token is still valid. After that intensely intellectual definition, we’ll carry on.
If everything’s OK, DRUID returns the same token and the time when it will expire. It is a POST call to the authorization web server. A common use of this validation is to check that a user is still logged in with DRUID and to check that they haven’t done a single sign out in another application.
Presently, the DRUID integration SDK takes care of token validation, although it’s not a bad idea for you to have a clear idea of this concept in case you want to manage the tokens in your application manually.
This is achieved through a POST call using the parameter grant_type=urn:com.dru-id:oauth2:grant_type:validate_bearer.
Endpoint URL:
POST https://{your-endpoint-domain.com}/oauth2/token
Request parameters
| Field | Description | Type |
| grant_type | The value must be set to urn:com.dru-id:oauth2:grant_type:validate_bearer. | string |
| oauth_token | The token you want to validate | string |
| client_id | Identifier of the client application. | string |
| client_secret | Secret of the client application. | string |