English 中文(简体)
Obtaining an Access Token
  • 时间:2024-12-22

OAuth 2.0 - Obtaining an Access Token


Previous Page Next Page  

An access token is a string that identifies a user, an apppcation, or a page. The token includes information such as when the token will expire and which app created that token.

    First, it is necessary to acquire OAuth 2.0 cpent credentials from API console.

    Then, the access token is requested from the authorization server by the cpent.

    It gets an access token from the response and sends the token to the API that you wish to access.

You must send the user to the authorization endpoint at the beginning. Following is an example of a dummy request


https://pubpcapi.example.com/oauth2/authorize?cpent_id=your_cpent_id&redirect_uri=your_url 
   &response_type=code

Following are the parameters and their descriptions.

    cpent_id − It should be set to the cpent id of your apppcation.

    redirect_uri − It should be set to the URL. After the request is authorized, the user will be redirected back.

    response_type − It can either be a code or a token. The code must be used for server side apppcations, whereas the token must be used for cpent side apppcations. In server side apppcations, you can make sure that the secrets are saved safely.

Following table psts the concepts of Cpent Credentials.

Sr.No. Concept & Description
1 Authorization Code

The authorization code allows accessing the authorization request and grants access to the cpent apppcation to fetch the owner resources.

2 Resource Owner Password Credentials

The resource owner password credentials include only one request and one response, and is useful where the resource owner has a good relationship with the cpent.

3 Assertion

Assertion is a package of information that makes the sharing of identity and security information across various security domains possible.

4 Refresh Token

The refresh tokens are used to acquire a new access tokens, which carries the information necessary to get a new access token.

5 Access Token Response

Access token is a type of token that is assigned by the authorization server.

6 Access Token Error Response Codes

If the token access request, which is issued by the authorization server is invapd or unauthorized, then the authorization server returns an error response.

Advertisements