diff --git a/src/OpenIddict.Abstractions/OpenIddictResources.resx b/src/OpenIddict.Abstractions/OpenIddictResources.resx
index 0ab3e247..4e260d06 100644
--- a/src/OpenIddict.Abstractions/OpenIddictResources.resx
+++ b/src/OpenIddict.Abstractions/OpenIddictResources.resx
@@ -1701,6 +1701,12 @@ To apply post-logout redirection responses, create a class implementing 'IOpenId
The '{0}' parameter cannot contain null or empty values.
+
+ A token must be specified when using introspection.
+
+
+ A token must be specified when using revocation.
+
The security token is missing.
diff --git a/src/OpenIddict.Client/OpenIddictClientHandlers.cs b/src/OpenIddict.Client/OpenIddictClientHandlers.cs
index f327891d..5de69eb7 100644
--- a/src/OpenIddict.Client/OpenIddictClientHandlers.cs
+++ b/src/OpenIddict.Client/OpenIddictClientHandlers.cs
@@ -6171,6 +6171,11 @@ public static partial class OpenIddictClientHandlers
throw new ArgumentNullException(nameof(context));
}
+ if (string.IsNullOrEmpty(context.Token))
+ {
+ throw new InvalidOperationException(SR.GetResourceString(SR.ID0458));
+ }
+
if (context.Registration is null && string.IsNullOrEmpty(context.RegistrationId) &&
context.Issuer is null && string.IsNullOrEmpty(context.ProviderName) &&
context.Options.Registrations.Count is not 1)
@@ -6841,6 +6846,11 @@ public static partial class OpenIddictClientHandlers
throw new ArgumentNullException(nameof(context));
}
+ if (string.IsNullOrEmpty(context.Token))
+ {
+ throw new InvalidOperationException(SR.GetResourceString(SR.ID0459));
+ }
+
if (context.Registration is null && string.IsNullOrEmpty(context.RegistrationId) &&
context.Issuer is null && string.IsNullOrEmpty(context.ProviderName) &&
context.Options.Registrations.Count is not 1)