Skip to content

Introspection Interception Script#


Introspection scripts allows to modify response of Introspection Endpoint (spec). Introspection script should be associated with client (used for obtaining the token) in order to be run.

Configuration Prerequisites#

  • A Janssen Authorization Server installation
  • Introspection script - included in the default Janssen OpenBanking distribution
  • Setting configuration Parameters

Adding the custom script#

  1. To add or update custom scripts, you can use either jans-cli or curl. jans-cli in interactive mode, option 13 enables you manage custom scripts. For more info, see the docs.
  2. jans-cli in command line argument mode is more conducive to scripting and automation. To display the available operations for custom scripts, use --info CustomScripts. See the docs for more info.
  3. To use curl see these docs


You can normally find in the /opt/jans/jans-cli/ folder.

Steps to add / edit / delete configuration parameters**#

  1. Place a [JSON file] containing configuration parameters and the custom script in a folder.

  2. From this folder, run the following command:

python3 jans-cli-linux-amd64.pyz --operation-id post-config-scripts --data /IntrospectionScript.json \
--cert-file jans_cli_client.crt --key-file jans_cli_client.key


  1. IntrospectionType class and initialization:

    class Introspection(IntrospectionType):
        def __init__(self, currentTimeMillis):
            self.currentTimeMillis = currentTimeMillis
        def init(self, customScript, configurationAttributes):
            return True
        def destroy(self, configurationAttributes):
            return True
        def getApiVersion(self):
            return 11
  2. This method is called after introspection response is ready. This method can modify the introspection response.

    # Returns boolean, true - apply introspection method, false - ignore it.
    # Note : responseAsJsonObject - is org.codehaus.jettison.json.JSONObject, you can use any method to manipulate json
    # context is reference of org.gluu.oxauth.service.external.context.ExternalIntrospectionContext (in project)
    def modifyResponse(self, responseAsJsonObject, context):
        # get session, extract openbanking_intent_id 
        sessionIdService = CdiUtil.bean(SessionIdService)
        sessionId = sessionIdService.getSessionByDn(context.getTokenGrant().getSessionDn()) # fetch from persistence
        openbanking_intent_id = sessionId.getSessionAttributes().get("openbanking_intent_id")
        # modify response
        responseAsJsonObject.accumulate("openbanking_intent_id", openbanking_intent_id)
        return True