Client credentials flow, remote validation

nward · January 10, 2023, 9:49am

Hi,

I am building an API, which is exclusively M2M - it never has any humans using it - so am using the client credentials flow.

My client retrieves the access_token, and can include it as a bearer to my API application.

I am hoping to use remote validation, rather than validating the token in my application. According to their documentation, Okta supports this with the token introspection endpoint. It returns “active”.

Is such a thing available with Auth0?
I was following documentation describing how to set this up with Okta, and the Okta website pushed me towards Auth0, so I get the impression Auth0 is going to replace Okta?

dan.woda · January 13, 2023, 4:13pm

Hi @nward

Welcome to the Auth0 Community!

Auth0 doesn’t provide an introspection endpoint.

Auth0 and Okta cover different use cases, and although there is overlap, neither one will be replaced in the foreseeable future.

system · January 27, 2023, 4:14pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Validating an Access Token Help	4	7916	October 20, 2021
Missing Token introspection endpoint in openid configuration Help management-api , tenants	4	3303	May 17, 2023
Okta apps validation Help	2	251	March 28, 2024
Opaque token validation with introspection endpoint Help token-validation , opaque-tokens , oauth2	6	8908	March 24, 2020
Securing a REST APIS without UI front Help jwt , auth0 , api , okta	8	5951	July 8, 2019

Client credentials flow, remote validation

Related topics