Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: Are refresh tokens introspectable or not? #1250

Closed
jshearer opened this issue Dec 27, 2018 · 1 comment
Closed

docs: Are refresh tokens introspectable or not? #1250

jshearer opened this issue Dec 27, 2018 · 1 comment

Comments

@jshearer
Copy link

Describe the bug
The API docs for introspecting a token are contradictory. The description paragraph says

The introspection endpoint allows to check if a token (both refresh and access) is active or not.

But the description for the token body parameter says,

This endpoint DOES NOT accept refresh tokens for validation.

I believe refresh tokens are introspectable, so as long as that's true, the description for token should be updated to reflect that.
@jshearer jshearer changed the title [DOCS] Are refresh tokens introspectable or not? docs: Are refresh tokens introspectable or not? Dec 27, 2018
@aeneasr
Copy link
Member

aeneasr commented Dec 31, 2018

Yup, they are indeed introspectable and you'll get a type back which says if it's a refresh or access token! Feel free to create a PR to fix this :)

aeneasr added a commit that referenced this issue Apr 26, 2019
@aeneasr
sdk: Make clear that refresh tokens are introspectable
5ecaca4 
Closes #1250

Signed-off-by: aeneasr <aeneas@ory.sh>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aeneasr @jshearer