> ## Documentation Index > Fetch the complete documentation index at: https://docs.voucherify.io/llms.txt > Use this file to discover all available pages before exploring further. # Introspect OAuth 2.0 Token > Introspect an OAuth 2.0 token for an API client. ## OpenAPI ````yaml /openapi/oauth.json post /v1/oauth/introspect openapi: 3.0.1 info: title: Voucherify API - OAuth version: v2018-08-01 description: >- Voucherify promotion engine REST API. Please see https://docs.voucherify.io/docs for more details. contact: name: Voucherify Team url: https://www.voucherify.io/contact-support email: support@voucherify.io termsOfService: https://www.voucherify.io/legal/subscription-agreement license: name: MIT url: https://github.com/voucherifyio/voucherify-js-sdk/blob/main/LICENSE servers: - url: https://{cluster}.voucherify.io description: Base URL variables: cluster: default: api enum: - api - us1.api - as1.api - download - us1.download - as1.download security: [] paths: /v1/oauth/introspect: post: tags: - OAuth summary: Introspect OAuth 2.0 Token description: Introspect an OAuth 2.0 token for an API client. operationId: introspect-oauth-token parameters: [] requestBody: description: Send the request as `x-www-form-urlencoded`. content: application/x-www-form-urlencoded: schema: $ref: '#/components/schemas/OAuthTokenIntrospectRequestBody' examples: Request example: value: access_token: 1ABCde2FGHijKl3m4NO5pqR6STUv7wxYzAbc8dE90FgH1IJkLm required: true responses: '200': description: >- Returns details about an existing token and its expiration times. If an nonexistent token is sent in the request, the response returns that it is inactive. content: application/json: schema: $ref: '#/components/schemas/OAuthTokenIntrospectResponseBody' examples: OAuth active token: value: access_token: 1ABCde2FGHijKl3m4NO5pqR6STUv7wxYzAbc8dE90FgH1IJkLm client_id: a1Bcdefg2HI3Jkl4m5nOP expires_at: 1738945086 expires_in: 555 scope: api token_type: Bearer active: true OAuth inactive token: value: active: false '400': description: Returns an error if an invalid request body is provided. content: application/json: schema: $ref: '#/components/schemas/Error' examples: Missing parameters: value: code: 400 key: missing_parameters message: Missing parameters security: - X-App-Id: [] X-App-Token: [] components: schemas: OAuthTokenIntrospectRequestBody: title: OAuth Token Introspect Request Body type: object description: Request body schema for **POST** `/oauth/introspect`. properties: access_token: type: string description: An OAuth 2.0 token generated with the API token and key. example: 1ABCde2FGHijKl3m4NO5pqR6STUv7wxYzAbc8dE90FgH1IJkLm required: - access_token OAuthTokenIntrospectResponseBody: title: OAuth Token Introspect Response Body type: object description: Response body schema for **POST** `/oauth/introspect`. allOf: - $ref: '#/components/schemas/OAuthToken' - type: object properties: active: type: boolean description: >- Determines if the token is active. Nonexistent tokens are also marked as inactive. required: - access_token - client_id - expires_at - expires_in - scope - token_type - active Error: title: Error Object type: object description: Error details properties: code: type: integer description: Error's HTTP status code. key: type: string description: Short string describing the kind of error which occurred. message: type: string description: A human-readable message providing a short description of the error. details: type: string description: A human-readable message providing more details about the error. request_id: type: string example: v-0a885062c80375740f description: >- This ID is useful when troubleshooting and/or finding the root cause of an error response by our support team. resource_id: type: string description: >- Unique resource ID that can be used in another endpoint to get more details. example: rf_0c5d710a87c8a31f86 resource_type: type: string description: The resource type. example: voucher error: type: object description: Includes additional information about the error. properties: message: type: string description: The message configured by the user in a validation rule. required: - code - message OAuthToken: title: OAuth Token Details type: object description: Details about the OAuth token. properties: access_token: type: string description: The access token used to authorize access to the Voucherify API. client_id: type: string description: Unique client identifier, assigned by Voucherify, for OAuth. expires_at: type: integer description: >- Timestamp in seconds in the Unix format indicating when the token expires. expires_in: type: integer description: Number of seconds left until the token expires. scope: type: string description: >- Defines the scope of possible actions that can be done with the OAuth token. The `api` scope allows using the server-side API. The `client_api` scope allows using the whole client-side API. Possible values: `api`, `assets`, `async-actions`, `campaigns`, `categories`, `client_api`, `client_consents`, `client_customers`, `client_events`, `client_promotions`, `client_publish`, `client_qualifications`, `client_redeem`, `client_redemptions`, `client_validate`, `client_validations`, `client_vouchers`, `consents`, `customers`, `events`, `exports`, `locations`, `loyalties`, `metadata-schemas`, `orders`, `product-collections`, `products`, `promotions`, `publications`, `qualifications`, `redemptions`, `referrals`, `rewards`, `segments`, `skus`, `task-results`, `templates`, `trash-bin`, `validation-rules-assignments`, `validation-rules`, `validations`, `vouchers`. token_type: type: string description: >- Type of the token. Use the value as the header prefix for authorization. default: Bearer enum: - Bearer securitySchemes: X-App-Id: type: apiKey name: X-App-Id in: header X-App-Token: type: apiKey name: X-App-Token in: header ````