OAuth2 Introspect ver. 1.0 (Deprecated)
This version of the OAuth2 Introspect endpoint is deprecated because the response format changed which could affect your application. Please use Introspect endpoint ver. 1.1, instead.
Retrieve State of Tokens
An application can retrieve the active state of an OAuth 2.0 token. This endpoint conforms to RFC 7662.
Making Requests
POST https://api.fitbit.com/oauth2/introspect
Authorization: Bearer <Access Token>
Content-Type: application/x-www-form-urlencoded
token=<OAuth 2.0 token to retrieve the state of>
Example Response:
If the token passed in parameter is valid:
{
"active":1,
"scope":"{ACTIVITY=READ_WRITE}",
"clientId":{"id":"<Client Id>"},
"userId":{"id":"<User Id>"},
"tokenType":"access_token",
"exp":<expires at>,
"iat":<issued at>
}
If the token passed in parameter is not valid:
{
"active":0
}