diff --git a/docs/docs/endpoints/introspect.mdx b/docs/docs/endpoints/introspect.mdx
index bb1075b5..e9cd1abe 100644
--- a/docs/docs/endpoints/introspect.mdx
+++ b/docs/docs/endpoints/introspect.mdx
@@ -23,6 +23,19 @@ app.post("/token/introspect", async (req: Express.Request, res: Express.Response
});
```
+### Configure
+
+Client credentials authentication is enabled by default. To disable, set `authenticateIntrospect` to `false`.
+
+```ts
+const authoriztionServer = new AuthorizationServer(
+ ...,
+ {
+ authenticateIntrospect: false,
+ }
+);
+```
+
### Request
A complete token introspection request will include the following parameters:
@@ -61,6 +74,22 @@ You can authenticate by passing the `client_id` and `client_secret` as a query s
```
+
+ ```ts
+ new AuthorizationServer(..., {
+ authenticateIntrospect: false,
+ })
+ ```
+
+ ```http request []
+ POST /token/introspect HTTP/1.1
+ Host: example.com
+ Content-Type: application/x-www-form-urlencoded
+
+ token=xxxxxxxxxx
+ &token_type_hint=refresh_token
+ ```
+
diff --git a/docs/docs/endpoints/revoke.mdx b/docs/docs/endpoints/revoke.mdx
index 62048b3d..048ac8b5 100644
--- a/docs/docs/endpoints/revoke.mdx
+++ b/docs/docs/endpoints/revoke.mdx
@@ -23,6 +23,19 @@ app.post("/token/revoke", async (req: Express.Request, res: Express.Response) =>
});
```
+### Configure
+
+Client credentials authentication is enabled by default. To disable, set `authenticateRevoke` to `false`.
+
+```ts
+const authoriztionServer = new AuthorizationServer(
+ ...,
+ {
+ authenticateRevoke: false,
+ }
+);
+```
+
### Request
A complete token revocation request will include the following parameters:
@@ -61,6 +74,23 @@ You can authenticate by passing the `client_id` and `client_secret` as a query s
```
+
+ ```ts
+ new AuthorizationServer(..., {
+ authenticateRevoke: false,
+ })
+ ```
+
+ ```http request []
+ POST /token/revoke HTTP/1.1
+ Host: example.com
+ Content-Type: application/x-www-form-urlencoded
+
+ token=xxxxxxxxxx
+ &token_type_hint=refresh_token
+ ```
+
+