token_ type
Registry Context
`token_type` is an optional introspection-response field identifying the type of the introspected token.
Technical Summary
RFC 7662 defines `token_type` as an optional top-level introspection-response member whose value uses the OAuth 2.0 token type definition referenced by RFC 6749 Section 5.1. RFC 6749 states that the value is case-insensitive.
When Used
Use when describing or validating the `token_type` member of an OAuth 2.0 token introspection response.
Normative Requirements
Authorization servers
RFC 7662 - Section 2.2
Include `token_type` as an optional top-level member identifying the type of the introspected token..
Condition: when constructing an introspection response
token_type OPTIONAL. Type of the token as defined in Section 5.1 of OAuth 2.0 [RFC6749].
Validation Guidance
Allow `token_type` to be absent from the introspection response.
If present, interpret `token_type` using the OAuth 2.0 token type definition referenced by RFC 6749 Section 5.1.
Treat the `token_type` value as case-insensitive.
Reference
Details
- Entry Id
token_type - Name
token_type - Description
Type of the token- Change Controller
IESG- Reference
RFC7662 - Section 2.2