POST /oauth/introspect
Description
The /oauth/introspect endpoint verifies the validity of an access or refresh token and returns metadata about it. Useful for confirming if a token is still active and trusted.
Header Parameters
{
"Content-Type": "application/x-www-form-urlencoded"
}
Body Parameters
token
string
Required
The access or refresh token that needs to be validated. This endpoint checks if the token is active and returns associated metadata (user ID, scopes, expiration, etc.).
Example Requests
curl --request POST 'https://oauth.cliquify.me/oauth/introspect' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'token=ACCESS_TOKEN'const axios = require('axios');
const qs = require('qs');
const data = qs.stringify({ token: 'ACCESS_TOKEN' });
axios.post('https://oauth.cliquify.me/oauth/introspect', data, {
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
}).then(response => console.log(response.data));import java.net.HttpURLConnection;
import java.net.URL;
import java.io.OutputStream;
URL url = new URL("https://oauth.cliquify.me/oauth/introspect");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setDoOutput(true);
String data = "token=ACCESS_TOKEN";
try (OutputStream os = conn.getOutputStream()) {
os.write(data.getBytes());
}import requests
headers = {
"Content-Type": "application/x-www-form-urlencoded"
}
data = {"token": "ACCESS_TOKEN"}
response = requests.post("https://oauth.cliquify.me/oauth/introspect", headers=headers, data=data)
print(response.json())using System.Net.Http;
var client = new HttpClient();
var content = new FormUrlEncodedContent(new[] {
new KeyValuePair<string, string>("token", "ACCESS_TOKEN")
});
var response = await client.PostAsync("https://oauth.cliquify.me/oauth/introspect", content);
string responseBody = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseBody);package main
import (
"bytes"
"fmt"
"io/ioutil"
"net/http"
)
func main() {
data := []byte("token=ACCESS_TOKEN")
req, _ := http.NewRequest("POST", "https://oauth.cliquify.me/oauth/introspect", bytes.NewBuffer(data))
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
client := &http.Client{}
resp, _ := client.Do(req)
body, _ := ioutil.ReadAll(resp.Body)
fmt.Println(string(body))
}$data = http_build_query([
'token' => 'ACCESS_TOKEN'
]);
$options = ["http" => [
"method" => "POST",
"header" => "Content-Type: application/x-www-form-urlencoded",
"content" => $data
]];
$response = file_get_contents('https://oauth.cliquify.me/oauth/introspect', false, stream_context_create($options));require 'net/http'
require 'uri'
uri = URI.parse("https://oauth.cliquify.me/oauth/introspect")
request = Net::HTTP::Post.new(uri)
request["Content-Type"] = "application/x-www-form-urlencoded"
request.body = "token=ACCESS_TOKEN"
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) do |http|
http.request(request)
end
puts response.bodySuccess Response
{
"active": true,
"client_id": "gtc9...",
"user_id": 12345,
"scopes": [
"brandkit:read",
"..."
],
"expires_at": "2026-07-16 11:45:32"
}Try It Out
Heads up! This uses your live Cliquify data.
This is not a sandbox or playground — the form below performs real API requests against your account’s actual data. Please double-check before sending.
This is not a sandbox or playground — the form below performs real API requests against your account’s actual data. Please double-check before sending.