Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hello, we have working auth using Ory Network and now we need SSO from different app. We have setup OAuth client and we can get access token, but how we should validate that token on our side since it is not JWT? Is `Token Introspection` used in that case?

Token introspection will give you a 200 OK with details if the token is valid 