You can use the POST /{{envID}}/flows/{{flowID}} endpoint operation to examine the token to verify that the aud (audience property) and scope properties specify the new custom resource and custom scope, respectively.

For more information about token introspection for access tokens, see Token Introspection (Access Token) in the PingOne Platform API Reference.