<p></p>
<p>Right, so the problem I was having is that you can't introspect a token using bearer authorization with the same token - it's not allowed.</p>
<p>I think you can use bearer auth with a different token though I haven't proven that yet.</p>
<p>What definitely works is client authentication as you did before, for example:</p>
<pre><code> curl -X POST -d "client_id=dlpQ_u2s49xM0anHw6C7CwiB8m7WLIoaH4cUdOIqBPo&client_secret=fBG3ZtN18eetoSm2qs-6788gvybBJxoC8oDRbXwc3vQ&token=05sMxyhosM-gISCObOgdfSq7urPxGMlaGqS3VoeYse8" https://dev.osm.compton.nu/oauth2/introspect
{"active":true,"scope":"read_prefs","client_id":"dlpQ_u2s49xM0anHw6C7CwiB8m7WLIoaH4cUdOIqBPo","token_type":"Bearer","exp":0,"iat":1625235997}
</code></pre>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/openstreetmap/openstreetmap-website/issues/3245#issuecomment-873116710">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AAK2OLPKAYXHRUAHI25TDRTTVXR7HANCNFSM47WPZ3VA">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AAK2OLJVOLZCNAJUNVPLPB3TVXR7HA5CNFSM47WPZ3VKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOGQFLIJQ.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/openstreetmap/openstreetmap-website/issues/3245#issuecomment-873116710",
"url": "https://github.com/openstreetmap/openstreetmap-website/issues/3245#issuecomment-873116710",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>