Consumer Authentication

/

API reference

/

M2M Authentication

/

Token

/

Authenticate Access Token

Authenticate Access Token

Authenticate an access token issued by Stytch from the Token endpoint.

M2M access tokens are JWTs signed with the project's JWKs, and can be validated locally using any Stytch client library.

You may pass in an optional set of scopes that the JWT must contain in order to enforce permissions.


Body parameters


access_token*string

required_scopesarray[strings]

max_token_agenumber

clock_tolerance_secondsnumber

Response fields


client_idstring

scopesarray[strings]

custom_claimsobject
# This is a custom method that doesn't directly hit an API endpoint, so it's only available in our SDKs.

RESPONSE

200
{
    "client_id": "m2m-client-test-d731954d-dab3-4a2b-bdee-07f3ad1be885",
    "scopes": ["read:users","write:users"],
    "custom_claims": {
        "contact_email": "notice@example.com"
    }
}