IdP API

The IdP API is used to validate issued access tokens with our IoT identity provider.

Introspection Endpoint

Use this endpoint to verify the access tokens issued by the IdP. This endpoint is mainly used by the IoT platform but may also be used by IoT devices to verify the received access token.

Introspect token

POST coaps://iot-idp.demo.coap-apps.iothentix.io/idp/introspect

Request Body

Name	Type	Description
token*	String	Access token issued by the identity provider
client_secret	String	Client secret for the basic authentication
client_id	String	Client ID for the basic authentication

201: Created In case the provided access token is VALID.

{
    "active": true,
    "sub": "test.device.01",
    "scope": "tenant.demo refresh.token temp",
    "iss": "https://iot-idp.demo.apps.iothentix.com/",
    "exp": 1658179642
}

201: Created In case the provided access token is INVALID.

{
    "active": false
}

500: Internal Server Error Internal error in the IdP infrastructure.

{
    "error": 
    {
        "code": 500,
        "status": "Internal Server Error",
        "request": "<REQUEST_ID>",
        "message": "An internal server error occurred, please contact the system administrator"
    }
}

401: Unauthorized The basic authentication failed.

{
    "error": "FORBIDDEN",
    "error_uri": "iot-idp.demo.apps.iothentix.com",
    "error_description": "The requested action was forbidden"
}

405: Method Not Allowed The requested method is not allowed for this resource.