From 83a56428297cb6060b211d631e7bad10681c9595 Mon Sep 17 00:00:00 2001
From: AJ ONeal <aj@therootcompany.com>
Date: Mon, 11 May 2020 04:51:18 +0000
Subject: [PATCH] document inspect endpoint

---
 public/index.html | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/public/index.html b/public/index.html
index 95a0344..3932ee6 100644
--- a/public/index.html
+++ b/public/index.html
@@ -13,6 +13,7 @@ Compatible with
 
   * https://mock.pocketid.app/access_token
   * https://mock.pocketid.app/authorization_header
+  * https://mock.pocketid.app/inspect_token
   * https://xxx.mock.pocketid.app/.well-known/openid-configuration
   * https://xxx.mock.pocketid.app/.well-known/jwks.json
   * https://mock.pocketid.app/key.jwk.json
@@ -48,6 +49,13 @@ For example:
   HEADER=$(curl -fL https://mock.pocketid.app/authorization_header)
   # Authorization: Bearer &lt;token&gt;
 
+<h3>Inspecting the Token</h3>
+
+You can see its decoded form at the `inspect_token` endpoint:
+
+  curl -fL https://mock.pocketid.app/inspect_token \
+    -H "$(curl -fL https://mock.pocketid.app/authorization_header)"
+
 <h3>The Token, Decoded</h3>
 
 The Token will look like this: