SO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued which can be used by the resource server.
The relevant code segment in the sample webapp wso2 playground2 for OAuth2 can be found here.
The following steps provides guidance on calling the service using the SOAP UI.
Open the
<IS_HOME>/repository/conf/carbon.xmlfile and set theHideAdminServiceWSDLsproperty to false. (This step is just to make the admin services WSDL accessible. Once the service WSDL is taken make sure to revert this change to hide admin service WSDLs)<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. --> <HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>- Restart the server to make the change effective.
- Go to SOAP UI and give the WSDL location.
Service Name: OAuth2TokenValidationService
WSDL location:https://localhost:9443/services/OAuth2TokenValidationService?wsdl
Provide the parameters to call the validate method as seen below.
- Since this validation service is an admin service, a valid user name and password needs to be provided in order to consume the service.
- Identifier value is the token to be validated.
- If user claims are also required while validating the access token, a list of claim URIs can be provided as well.
- The response will provide authorized user for the token, if the token is valid and how many more seconds the token is valid. If there was an error occurred while validating the token, it can be sent as the error message.
In order to get the user claims of the authorized as a JWT token with the validation response, please refer JWT Token Generation.