Resource Guides
Endpoints
Token Management
Customer Management
Account Management
Bre-B Key Management
Recipient Management
Payment Management
QR codes
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Retrieve Token Information
Summarize Page
Copy Markdown
Open in ChatGPT
Open in Claude
Overview
This endpoint retrieves detailed information about a specific OAuth token, including roles, scopes, expiration, and creation timestamp. It is commonly used for validation, debugging, or auditing purposes.
The access token is not returned in this API call for security reasons. If needed, revoke the access token and create a new one.
Endpoint Details
| Definition | Description |
|---|---|
| Endpoint | https://api.paas.sandbox.co.passportfintech.com/v1/iam/oauth/tokens/:token_id |
| Method | GET |
| Headers | Accept-Language, Content-Length, Content-Type: application/json, Authorization |
| Authentication | Access Token (Bearer Token) |
Request Body
This endpoint does not require a request body.
Example Request
JSON
3
1
curl --location --request GET 'https://api.paas.sandbox.co.passportfintech.com/v1/iam/oauth/tokens/249a0a2e-028a-4e15-a841-de9fd4e4cd84' \2
--header 'Content-Type: application/json' \3
--header 'Authorization: Bearer <YOUR_ACCESS_TOKEN>' \Response
- HTTP Status Code 200 OK.
Example of Response
JSON
49
49
1
{2
"token_id": "249a0a2e-028a-4e15-a841-de9fd4e4cd84",3
"created_at": "2025-09-10T22:22:50.337Z",4
"scopes": [5
"iam.accounts.get",6
"iam.users.get",7
"iam.users.list.get",8
"iam.login_profiles.patch",9
"iam.oauth.tokens.list.get",10
"iam.oauth.tokens.get",11
"iam.oauth.tokens.delete",12
"iam.logout.post",13
"iam.mfa.*",14
"iam.roles.get",15
"iam.roles.list.get",16
"iam.roles.users.list.get",17
"iam.users.roles.list.get",18
"paas.core.entity_customers.post",19
"paas.core.entity_customers.patch",20
"paas.core.entity_customers.get",21
"paas.core.entity_customers.list.get",22
"paas.core.accounts.post",23
"paas.core.accounts.get",24
"paas.core.accounts.list.get",25
"paas.core.account_keys.post",26
"paas.core.account_keys.get",27
"paas.core.account_keys.list.get",28
"paas.core.breb_recipients.post",29
"paas.core.breb_recipients.get",30
"paas.core.breb_recipients.list.get",31
"paas.core.breb_payments.post",32
"paas.core.breb_payments.get",33
"paas.core.breb_payments.list.get",34
"paas.core.webhooks.post",35
"paas.core.webhooks.get",36
"paas.core.webhooks.list.get",37
"paas.core.webhooks.patch",38
"paas.core.webhooks.delete",39
"paas.core.qrcodes.post",40
"paas.core.qrcodes.get",41
"paas.core.qrcodes.list.get",42
"paas.core.account_keys.patch"43
],44
"roles": [45
"entity.client_credentials"46
],47
"expires_in": 86400,48
"token_type": "Bearer"49
}Common Errors and Handling
| HTTP Status Code | Meaning | Description |
|---|---|---|
| 400 | Bad Request | Invalid token ID format or missing parameters |
| 401 | Unauthorized | Bearer token missing, expired, or does not include the required scope |
| 403 | Forbidden | Authenticated user lacks permission to view token details |
| 404 | Not Found | Token ID not found in the IAM system |
| 500 | Internal Server Error | Unexpected error. Retry or contact support if issue persists |
Best Practices
- Use this endpoint for auditing and debugging token permissions.
- Ensure proper handling of sensitive data: never log raw tokens in plaintext.
- Store the
expires_invalue to track token lifetime and refresh before expiration. - Implement monitoring for
401/403responses to detect when credentials need rotation.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on
Next to read:
List Token InformationDiscard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message