How to validate OAUTH2 access token

I am writing a separate website and am using Bubble for SSO. We have the OAUTH2 flow as follows:

Send user to bubble login
Receive code and authenticate
Receive access token, refresh token, expiry time, token type and uid
Store those in session cookie

However, I want to check that the token is valid periodically (and on first use), to ensure a user hasn’t just entered a random string. I can do this by just calling the refresh token, but I don’t feel like refreshing the token so often is any good. However, I don’t know of any endpoint to check access.

What should I do here?

Just bumping this issue

You can create a “user” or “me” endpoint in the API connector and make it external.

Just return something simple.

1 Like