Introspect
K0rdent Api Introspect endpoints
Introspect Endpoints
| Method | Endpoint | Description |
|---|---|---|
POST | /v1/regions/global/auth/introspect | Visibility: public · internal ( OpenAPI Custom Extension: x-visibility ) Determine whether an access token is currently active and return its claims. Inspired by RFC 7662 (OAuth 2.0 Token Introspection) but uses application/json instead of form-encoded requests. A token is considered active when all of the following are true: - The token has not expired. - The token has not been revoked. - The underlying credential (API key, service account credential) is still active and not disabled. - The parent principal (user, service account) is still active. This endpoint is intended for resource servers that need to validate a token beyond signature verification — for example, before executing sensitive operations where even a short-lived token should be checked against the current credential state. The caller must be authenticated (typically a resource server using its own service account credentials). |
How is this guide?