Chilkat Online Tools

C++ / Commercetools / Token Introspection

Back to Collection Items

#include <CkHttp.h>
#include <CkHttpResponse.h>

void ChilkatSample(void)
    {
    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkHttp http;
    bool success;

    http.put_BasicAuth(true);
    http.put_Login("username");
    http.put_Password("password");

    http.SetRequestHeader("Content-Type","application/json");

    CkHttpResponse *resp = http.QuickRequest("POST","https://domain.com/oauth/introspect?token={{ctp_access_token}}");
    if (http.get_LastMethodSuccess() == false) {
        std::cout << http.lastErrorText() << "\r\n";
        return;
    }

    std::cout << resp->get_StatusCode() << "\r\n";
    std::cout << resp->bodyStr() << "\r\n";
    delete resp;
    }

Curl Command

curl -X POST
	-u 'username:password'
	-H "Content-Type: application/json"
https://domain.com/oauth/introspect?token={{ctp_access_token}}

Postman Collection Item JSON

{
  "name": "Token Introspection",
  "event": [
    {
      "listen": "test",
      "script": {
        "type": "text/javascript",
        "exec": [
          "tests[\"Status code is 200\"] = responseCode.code === 200;"
        ]
      }
    }
  ],
  "request": {
    "auth": {
      "type": "basic",
      "basic": {
        "username": "{{client_id}}",
        "password": "{{client_secret}}"
      }
    },
    "method": "POST",
    "header": [
      {
        "key": "Content-Type",
        "value": "application/json"
      }
    ],
    "body": {
      "mode": "raw",
      "raw": ""
    },
    "url": {
      "raw": "{{auth_url}}/oauth/introspect?token={{ctp_access_token}}",
      "host": [
        "{{auth_url}}"
      ],
      "path": [
        "oauth",
        "introspect"
      ],
      "query": [
        {
          "key": "token",
          "value": "{{ctp_access_token}}",
          "equals": true
        }
      ]
    },
    "description": "Token introspection allows to determine the active state of an OAuth 2.0 access token and to determine meta-information about this accces token, such as the `scope`."
  },
  "response": [
  ]
}