The Authorization Code Grant is one of the grant types in the OAuth 2.0 specification. For more information about this grant type, see Authorization Code Grant.
...
Visit the URL http://wso2is.local:8080/playground2/oauth2.jsp to start the application.
Enter the following details and click Authorize.
Authorization Grant Type: Authorization Code
Client ID: (the client id received at the application registration)
Callback URL: http://wso2is.local:8080/playground2/oauth2client
Authorize Endpoint: https://localhost:9443/oauth2/authorize
Log in with the user credentials.
Click Approve to consent to this action.
In the OPENID USER CLAIMS screen, click Approve Once or Approve Always. Also select the requested attributes and click Continue.
Provide the following details and click on Get Access Token.
Callback URL: http://wso2is.local:8080/playground2/oauth2client
Access Token Endpoint: https://localhost:9443/oauth2/token
Client Secret: (client secret received at the application registration)
If you have configured the service provider in a tenant, you have to add the tenant domain as a query parameter to the access token endpoint.
If the tenant domain is wso2.com, the access token endpoint will be as follows.
Access Token Endpoint: https://localhost:9443/oauth2/token?tenantDomain=wso2.com
At this point, the application receives the Access Token. Enter the introspection endpoint (i.e., https://localhost:9443/oauth2/introspect) and click Get TokenInfo to get the token information.
OAuth 2.0 Token Introspection defines a protocol that allows authorized protected resources to query the authorization server to determine the set of metadata for a given token that was presented to them by an OAuth Client. This metadata includes whether or not the token is currently active (or if it has expired or otherwise been revoked), what rights of access the token carries (usually conveyed through OAuth 2.0 scopes), and the authorization context in which the token was granted (including who authorized the token and which client it was issued to). Token introspection allows a protected resource to query this information regardless of whether or not it is carried in the token itself, allowing this method to be used along with or independently of structured token values.
Now you should be able to see the access token information as seen below, as long as the provided access token is valid.
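How a protected resource might act on the introspection metadata described above, as an added example that is not part of the original page or of WSO2's code. The function names, the sample responses and the client id placeholder are assumptions; the field names (`active`, `scope`, `client_id`, `exp`) and request parameters are those of RFC 7662.

```python
import time

INTROSPECTION_ENDPOINT = "https://localhost:9443/oauth2/introspect"  # from the page


def introspection_form(token: str) -> dict:
    """Form body the protected resource POSTs, authenticated with its own credentials."""
    return {"token": token, "token_type_hint": "access_token"}


def accept_token(info: dict, required_scope: str, expected_client_id=None, now=None):
    """Decide whether to serve a request from a parsed introspection response.

    Returns (accepted, reason). Function name and policy are hypothetical.
    """
    now = time.time() if now is None else now
    # 'active' must be the JSON boolean true; a string such as "false" is truthy.
    if info.get("active") is not True:
        return False, "token is not active"
    exp = info.get("exp")
    if isinstance(exp, (int, float)) and now >= exp:
        return False, "token has expired"
    granted = set(str(info.get("scope", "")).split())
    if required_scope not in granted:
        return False, "required scope not granted"
    if expected_client_id is not None and info.get("client_id") != expected_client_id:
        return False, "token was issued to a different client"
    return True, "ok"


# Constructed sample responses (not output captured from a real server).
NOW = 1_700_000_000
SAMPLE_ACTIVE = {"active": True, "scope": "openid profile", "username": "alice",
                 "client_id": "CLIENT_ID_PLACEHOLDER", "exp": NOW + 3600}
SAMPLE_REVOKED = {"active": False}  # inactive tokens carry no other metadata
SAMPLE_STRING_FLAG = dict(SAMPLE_ACTIVE, active="false")  # malformed flag

if __name__ == "__main__":
    samples = [("active", SAMPLE_ACTIVE), ("revoked", SAMPLE_REVOKED),
               ("string flag", SAMPLE_STRING_FLAG)]
    for name, info in samples:
        print(name, accept_token(info, "openid", "CLIENT_ID_PLACEHOLDER", now=NOW))
```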
...
Visit the URL http://wso2is.local:8080/playground2/oauth2.jsp to start the application.
Enter the following details and click Authorize.
Authorization Grant Type: Authorization Code
Client ID: (the client id received at the application registration)
Callback URL: http://wso2is.local:8080/playground2/oauth2client
Authorize Endpoint: https://localhost:9443/oauth2/authorize
Use PKCE: Yes
PKCE Challenge Method:
Log in with the user credentials.
Click Approve to consent to this action.
Provide the following details and click on Get Access Token.
Callback URL: http://wso2is.local:8080/playground2/oauth2client
Access Token Endpoint: https://localhost:9443/oauth2/token
Client Secret: (client secret received at the application registration)
PKCE Verifier: (this will be populated using the value generated in step 1)
If you have configured the service provider in a tenant, you have to add the tenant domain as a query parameter to the access token endpoint.
If the tenant domain is wso2.com, the access token endpoint will be as follows.
Access Token Endpoint: https://localhost:9443/oauth2/token?tenantDomain=wso2.com
At this point, the application receives the Access Token. Enter the introspection endpoint (i.e., https://localhost:9443/oauth2/introspect) and click Get TokenInfo to get the token information.
Now you should be able to see the access token information as seen below, as long as the provided access token is valid.
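The requests behind the PKCE steps above, as an added example that is not part of the original page or of the playground application's code. It assumes the S256 challenge method from RFC 7636, an `openid` scope and a placeholder client id; all function names are hypothetical.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode

AUTHORIZE_ENDPOINT = "https://localhost:9443/oauth2/authorize"      # from the page
TOKEN_ENDPOINT = "https://localhost:9443/oauth2/token"              # from the page
CALLBACK_URL = "http://wso2is.local:8080/playground2/oauth2client"  # from the page
CLIENT_ID = "CLIENT_ID_PLACEHOLDER"  # placeholder for the registered client id


def b64url(raw: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def new_verifier() -> str:
    """32 random bytes give a 43-character verifier, the RFC 7636 minimum length."""
    return b64url(secrets.token_bytes(32))


def s256_challenge(verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def authorize_url(verifier: str, state: str, scope: str = "openid") -> str:
    """Step 1: only the challenge travels through the browser, never the verifier."""
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": CALLBACK_URL, "scope": scope, "state": state,
              "code_challenge": s256_challenge(verifier),
              "code_challenge_method": "S256"}
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def token_request_form(code: str, verifier: str) -> dict:
    """Step 2: form body POSTed to TOKEN_ENDPOINT; the client secret is sent
    separately as client authentication (for example HTTP Basic)."""
    return {"grant_type": "authorization_code", "code": code,
            "redirect_uri": CALLBACK_URL, "code_verifier": verifier}


def server_accepts(stored_challenge: str, presented_verifier: str) -> bool:
    """Check the authorization server performs before issuing the token."""
    return hmac.compare_digest(s256_challenge(presented_verifier), stored_challenge)


if __name__ == "__main__":
    v = new_verifier()
    print(authorize_url(v, state=secrets.token_urlsafe(16)))
    print(server_accepts(s256_challenge(v), v), server_accepts(s256_challenge(v), new_verifier()))
```

An authorization code intercepted at the callback cannot be redeemed without the verifier, which is why `server_accepts` fails for any verifier other than the one that produced the stored challenge.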
...