Inspect token

GET /2023-03-01/management/introspect
Access token

Retrieve data about the token, such as scopes, mode, provider, and if it is active

Responses

  • 200 application/json

    Success

    Hide response attributes Show response attributes object
    • client_id string Required

      The client ID you received when you first created the application

    • mode string Required

      Values are official or xhr.

    • provider string Required

      Values are sandbox, bamboohr, breathe, cezanne, charliehr, deel, deputy, hailyhr, hibob, humaans, iris cascade, moorepay, nmbrs, parolla.ie, payfit, personio.de, planday, sagehr, saplinghr, staffology, xero uk, brain payroll, brightpay connect, employment hero, factorialhr, fourthhr, gusto, itrent, justworks, onpay, oysterhr, paycircle, pento.io, peoplehr, remote.com, sageone, shape payroll, simplepay.ie, quickbooks online, or zoho.

    • scopes array[string] Required

      One or more scope values indicating which parts of the user's account you wish to access.

      Note, slight deviation from the OAuth 2.1 spec in that the param is scopes (plural) is used vs scope (singular)

      Values are /2023-03-01/official/company, /2023-03-01/official/employee, /2023-03-01/official/employees, /2023-03-01/official/groups, /2023-03-01/official/identity, /2023-03-01/official/time-off-balances, /2023-03-01/official/time-off-entries, /2023-03-01/official/timesheets, /2023-03-01/official/work-locations, /2023-03-01/xhr/company, /2023-03-01/xhr/employee, /2023-03-01/xhr/employees, /2023-03-01/xhr/groups, /2023-03-01/xhr/identity, /2023-03-01/xhr/payruns, /2023-03-01/xhr/payruns/:payrun_id, /2023-03-01/xhr/time-off-balances, /2023-03-01/xhr/time-off-entries, /2023-03-01/xhr/timesheets, or /2023-03-01/xhr/work-locations.
  • 400 application/json

    Bad Request

    Hide response attributes Show response attributes object
  • 403 application/json

    Forbidden

    Hide response attribute Show response attribute object
  • 404 application/json

    Not Found

    Hide response attributes Show response attributes object
    • message string Required

      A description of the error

    • id string Required

      The id of the entity that the id applies. For example, the transaction id
  • 429 application/json

    Rate Limited / Too Many Requests

    Hide headers attribute Show headers attribute
    • Retry-After integer

      Retry your call after the specified amount of seconds

    Hide response attribute Show response attribute object
  • 500 application/json

    Server Error

    Hide response attribute Show response attribute object
GET /2023-03-01/management/introspect 
curl \
 -X GET https://api.affixapi.com/2023-03-01/management/introspect \
 -H "Authorization: $API_KEY"
Response examples (200) 
{
  "client_id": "00000000-00000000-00000000-00000000",
  "mode": "xhr",
  "provider": "sandbox",
  "scopes": [
    "identity",
    "census"
  ]
}
Response examples (400) 
{
  "message": "string",
  "validation_error": "string"
}
Response examples (403) 
{
  "message": "string"
}
Response examples (404) 
{
  "message": "string",
  "id": "string"
}
Response examples (429) 
# Headers
Retry-After: 42

# Payload
{
  "message": "string"
}
Response examples (500) 
{
  "message": "string"
}