Retrieve Token Information

Overview

This endpoint retrieves detailed information about a specific OAuth token, including roles, scopes, expiration, and creation timestamp. It is commonly used for validation, debugging, or auditing purposes.

The access token is not returned in this API call for security reasons. If needed, revoke the access token and create a new one.

Endpoint Details

Definition	Description
Endpoint	https://bre-b-sandbox.api.visionamos.passportfintech.com/v1/iam/oauth/tokens/{token_id}
Method	GET
Headers	Accept-Language, Content-Length, Content-Type: application/json, Authorization
Authentication	Access Token (Bearer Token)

Request Body

This endpoint does not require a request body.

Example Request

JSON
    
    
 
curl --location --request GET 'https://bre-b-sandbox.api.visionamos.passportfintech.com/v1/iam/oauth/tokens/249a0a2e-028a-4e15-a841-de9fd4e4cd84' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <YOUR_ACCESS_TOKEN>' \
Copy

Response

HTTP Status Code 200 OK.

Example of Response

JSON
    
 
{
    "token_id": "249a0a2e-028a-4e15-a841-de9fd4e4cd84",
    "created_at": "2025-09-10T22:22:50.337Z",
    "scopes": [
        "iam.accounts.get",
        "iam.users.get",
        "iam.users.list.get",
        "iam.login_profiles.patch",
        "iam.oauth.tokens.list.get",
        "iam.oauth.tokens.get",
        "iam.oauth.tokens.delete",
        "iam.logout.post",
        "iam.mfa.*",
        "iam.roles.get",
        "iam.roles.list.get",
        "iam.roles.users.list.get",
        "iam.users.roles.list.get",
        "paas.core.entity_customers.post",
        "paas.core.entity_customers.patch",
        "paas.core.entity_customers.get",
        "paas.core.entity_customers.list.get",
        "paas.core.accounts.post",
        "paas.core.accounts.get",
        "paas.core.accounts.list.get",
        "paas.core.account_keys.post",
        "paas.core.account_keys.get",
        "paas.core.account_keys.list.get",
        "paas.core.breb_recipients.post",
        "paas.core.breb_recipients.get",
        "paas.core.breb_recipients.list.get",
        "paas.core.breb_payments.post",
        "paas.core.breb_payments.get",
        "paas.core.breb_payments.list.get",
        "paas.core.webhooks.post",
        "paas.core.webhooks.get",
        "paas.core.webhooks.list.get",
        "paas.core.webhooks.patch",
        "paas.core.webhooks.delete",
        "paas.core.qrcodes.post",
        "paas.core.qrcodes.get",
        "paas.core.qrcodes.list.get",
        "paas.core.account_keys.patch"
    ],
    "roles": [
        "entity.client_credentials"
    ],
    "expires_in": 86400,
    "token_type": "Bearer"
}
Copy

Common Errors and Handling

HTTP Status Code	Meaning	Description
400	Bad Request	Invalid token ID format or missing parameters
401	Unauthorized	Bearer token missing, expired, or does not include the required scope
403	Forbidden	Authenticated user lacks permission to view token details
404	Not Found	Token ID not found in the IAM system
500	Internal Server Error	Unexpected error. Retry or contact support if issue persists

Best Practices

Use this endpoint for auditing and debugging token permissions.
Ensure proper handling of sensitive data: never log raw tokens in plaintext.
Store theexpires_in value to track token lifetime and refresh before expiration.
Implement monitoring for401/403 responses to detect when credentials need rotation.

Last updated on