This functionality was removed in Update 23.
Despite first appearances, the OAuth token is not encrypted and only base-64 encoded. The token contains the information relating to the user and the token issuer and is stored as key-value pairs known as claims. A tokens typically contains the username, the URI of the token issuer, the mechanism used to generate the token (the OAuth flow), and the client host information. An example below shows a decoded OAuth token and what values are contained within the encoded string:
{
“client_id”: “TestClient”,
“scope”: “SPF”,
“sub”: “superuser”,
“amr”: “password”,
“auth_time”: 1489148304,
“idp”: “idsrv”,
“name”: “superuser”,
“ClientHostName” : “SPFMachine”,
“role”: “Admin”,
“ingr.session_id”: “6800695efddf40d8977fbc4b765800d3”,
“iss”: “http/localhost/spfconfigservice/spfauthentication/oauth”,
“aud”: “http/localhost/spfconfigservice/spfauthentication/oauth/resources”,
“exp”: “1489151904”,
“nbf”: “1489148304”
}
A decoding utility for OAuth tokens and viewing the contents can be found at: htttps//jwt.io.