OAuth tokens
Last updated
Last updated
Created by an OAuth server.
Upon authenticating a resource owner and getting its consent to grant access to a protected resource.
An opaque byte blob that makes sense only to its issuer.
Short validity time.
Just enough to get an access token.
Created by an OAuth server.
When creating an access token.
An opaque byte blob that makes sense only to its issuer.
It can be used to collect a new access token.
Still requires client authentication.
Bearer tokens.
Clients need to protect their use with HTPPS.
Clients can hand over tokens to others.
Created by an OAuth server.
When creating an access token.
An opaque byte blob that makes sense only to its issuer.
It can be used to collect a new access token.
Still requires client authentication.
Bearer tokens.
Clients need to protect their use with HTTPS.
Clients can hand over tokens to others.