token introspection

RU: token introspection

OAuth 2.0 Token Introspection (RFC 7662): an endpoint a resource server calls to ask the authorization server whether a presented token is currently active and to retrieve its metadata (scope, expiry, subject). The response always contains a boolean active field; inactive or unknown tokens return active: false.