This tool validates OAuth 2.0 and OpenID Connect token endpoints. It probes POST behavior, checks status and content-type semantics, inspects OAuth error formatting, and verifies browser-facing CORS and cache-control behavior.
This tool validates OAuth 2.0 and OpenID Connect token endpoints. It probes POST behavior, checks status and content-type semantics, inspects OAuth error formatting, and verifies browser-facing CORS and cache-control behavior.
Real credentials are optional. Structured OAuth errors are often enough to confirm endpoint behavior.
Enter a URL or paste JSON above to validate your token endpoint. Results will appear here with a detailed breakdown of all checks.