Versions Compared

Version Old Version 7 New Version Current
Changes made by

Rehan Agarwal

Silvan GrĂ¼ter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
POST https://idp.coreone.ch/connect/introspect
Authorization: Basic base64({api_resource_name}:{api_resource_secret})
Content-Type: application/x-www-form-urlencoded

token={access_token}

...

Response

Code

Message

200

Code Block
languagejson
{
    "nbf": "int",
    "exp": "int",
    "iss": "String",
    "aud": ["String"],
    "client_id": "String",
    "sub": "String",
    "auth_time": "int",
    "idp": "String",
    "given_name": "String",
    "family_name": "String",
    "c1s_appcustomerid": "String",
    "display_name": "String",
    "c1s_tenantid": "String",
    "c1s_coreidentityid": "String",
    "local": "String",
    "c1s_role": ["String"],
    "iat": "int",
    "amr": "String",
    "active": "boolean",
    "scope": "String"
}

400

invalid request

401

unauthorized request

Info

Note: Before working with the response, always check if the IsError property is set to make sure the request was successful.

...

The revocation endpoint allows the revocation of access tokens (reference tokens only https://itsense.atlassian.net/wiki/spaces/IKB/pages/1992982615/Token#Self-Contained-vs-Reference-Token) and refresh tokens.

Request

  • token

    the The token to revoke (required)

  • token_type_hint

    either Either access_token or refresh_token (optional)

Code Block
POST https://idp.coreone.ch/connect/revocation 
Content-Type: application/x-www-form-urlencoded
Authorization: Basic base64({client_id}:{client_secret})

token={token}&token_type_hint={token_type_hint}

Response

Code

Message

200

End Session Endpoint

The end session endpoint can be used to trigger a single sign-out process.

Code Block
https://idp.coreone.ch/connect/endsession

Request

  • post_logout_url

    Where the user should be redirected to after the logout

  • id_token_hint

    The actual id token of the user to identify the user

Code Block
GET https://idp.coreone.ch/connect/endsession?post_logout_url={post_logout_url}&id_token_hint={id_token_hint}
Content-Type: application/x-www-form-urlencoded

Response

Code

Message

302

Redirect to the logout url

200

If no logout url is specified