The fusion auth client for node has a method for token introspection?



  • Hello, everyone.

    When I make a request, I send a token in a cookie. I would like to know the status of the token and make a refresh if necessary. If I understand correctly, I need to call the POST /oauth2/introspect, but I cannot find this method in the client. If I'm wrong, please give me a more correct method.

    Снимок экрана от 2020-06-19 22-55-09.png



  • Hiya!

    You have a couple of options.

    You should be able to use the validateJWT method on the fusionauth node client. That calls this API: https://fusionauth.io/docs/v1/tech/apis/jwt#validate-a-jwt

    You can call into /oauth2/introspect, but you'll have to construct that URL manually, as it isn't currently supported by the client libraries.

    Finally, you can also use a jwt package (like this one) to verify the JWT is still valid without communicating with FusionAuth.

    Hope this helps.


Log in to reply