This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

OAuth2 Token Validation and Introspection

WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the resource server.

However from these 2 methods, the recommended approach is to use the REST API given above.

If subject identifier in the token validation response needs to adhere to the "Use tenant domain in local subject identifier" and "Use user store domain in local subject identifier" configurations in service provider, uncomment below configuration in <IS_HOME>/repository/conf/identity/identity.xml.

<BuildSubjectIdentifierFromSPConfig>true</BuildSubjectIdentifierFromSPConfig>
  • Default value of this property is false.
  • If the value is false, subject identifier will be set as the fully qualified username.