The token endpoints support the following actions:

• The token endpoint /{{envID}}/as/token is used by the client to obtain an access token by presenting its authorization grant. Note that authentication requirements to this endpoint are configured by the application’s tokenEndpointAuthMethod property. For information about the application’s tokenEndpointAuthMethod property, see the “Applications OIDC settings data model” table in Application Operations.

• The token introspection endpoint /{{envID}}/as/introspect returns the active state of an OAuth 2.0 token and the claims specified in RFC 7662 Section 2.2. The request requires the token parameter, which is the token string.

• The token revocation endpoint {{envID}}/as/revoke revokes the token specified in the request. Note that this operation does not apply to the tokens issued for the PingOne API resource.

Use Cases

• Get a token for custom resource access
• Add a custom claim to an access token
• Use LOGIN and MFA Actions to Authenticate Users

Related topics