Function validateAccessToken

validateAccessToken(
    __namedParameters: validateAccessTokenParams,
    config: ValidateAccessTokenConfig,
): Promise<
    {
        access_token: string;
        client: OauthClient;
        scope: string;
        sub: string;
    },
>
Decrypts and validates access token structure, type, and client binding.

Why (Security)
Token-type and client checks prevent unauthorized protected-resource access.

Specifications
- RFC 6750 (OAuth 2.0 Bearer Token Usage) Section 2, bearer token usage at resource servers
- RFC 6749 (OAuth 2.0 Authorization Framework) Section 7, protected resource access
- OpenID4VCI, credential endpoint token validation expectations
Parameters
- __namedParameters: validateAccessTokenParams
- config: ValidateAccessTokenConfig
Returns Promise<
    {
        access_token: string;
        client: OauthClient;
        scope: string;
        sub: string;
    },
>
- Defined in packages/server-core/src/statements/validations/validateAccessToken.ts:26