Validate subscriber token

This POST request validates the token for a subscriber. Once the token is validated and associated with a valid msisdn on the system, an expiry is set for when that subscriber must use the token which is appended to the URL link to the Captive Portal.

POST /token/introspect + JSON request payload

HEADER INFO

authorisation: HTTP Basic Auth

content-type: application/JSON

accept: application/JSON

By default, accept is XML. You must explicitly set accept in your header to application/JSON to receive a JSON response.

JSON request payload

The token itself is sent in the JSON request payload as shown in the example below.

Check out IETF’s page on token introspection for more details.

{
    "token" : "<token>"
}

JSON response

There are three possible responses included a successfully-validated token, a successful request but token failed (token not found or token expired), and a bad request where the token wasn’t sent. An example of each response is shown here.

token validated successfully

status 200

{
    "active": true,
    "client_id": "<msisdn>",
    "expiry" : 1437275311
}

token not validated

status 200

{
    "active": false
}

token not sent

status 400

{
    "error": "invalid_request",
    "error_description": "[token cannot be null]"
}

HTTP response codes

This API operation adheres to standard HTTP response codes.

200 = token validated
400 = bad request
401 = unauthorized (IMS authorization failed)