I would like to know if there is some API endpoint (Admin API or not) where, given a Consumer-ID and an user ID, I get can the OAuth2 tokens issued.
In other words, I want to know if a given user (“authenticated_userid”, in Kong’s OAuth2’s plugin terms) has given consent to a Consumer. Then also, which scopes and whether that token is expired or not.
I’m using Kong’s OAuth2 plugin and the only thing I could find is that it is possible to get that information by doing a few requests to endpoints like
/oauth2_credentials, but the solution is not viable at all (it won’t scale, it’s not straightforward to use).
I would expect this to be available through some Admin API endpoint(s), but I could not find anything beyond that. Am I missing something? Is that something planned for?
thanks in advance!