
Wednesday, 15 May 2019

What are the 2 types of tokens?


Tokens are:

  • generated by the Authorization (Auth) server
  • issued when the client requests them from the Auth server


2 types of Tokens
1. ACCESS TOKEN

  • sent by the client as a request parameter / header to the Resource server
  • has a limited lifetime / expiry time (defined by the Auth server)


2. REFRESH TOKEN

  • issued together with the Access token, but not sent in each request from the client to the Resource server
  • sent to the Auth server to renew the Access token when it expires





What are the different components of OAuth2?


1. Resource server
Stores and provides sensitive data (personal info), for example an API

2. Client
The application requesting access to the Resource server

3. Authorization server
Issues tokens to the client, which it uses when making requests to the Resource server
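
The three components and the two token types from the posts above, wired together as an added example (not code from the original posts). The class names, the in-memory token store, the Resource server checking tokens directly with the Auth server, the single-use (rotated) refresh token and the explicit `now` clock are all assumptions made for illustration.

```python
import secrets

class AuthServer:
    """Issues both token types; the access-token lifetime is defined here."""
    def __init__(self, access_ttl=60):
        self.access_ttl = access_ttl
        self.access = {}       # access token -> expiry time (seconds)
        self.refresh = set()   # refresh tokens that may still be redeemed

    def issue(self, now):
        at, rt = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
        self.access[at] = now + self.access_ttl
        self.refresh.add(rt)
        return at, rt

    def renew(self, refresh_token, now):
        # Refresh tokens are redeemed only here, never at the Resource server.
        if refresh_token not in self.refresh:
            raise PermissionError("unknown or already used refresh token")
        self.refresh.discard(refresh_token)  # assumption: single-use rotation
        return self.issue(now)

    def is_valid(self, access_token, now):
        expiry = self.access.get(access_token)
        return expiry is not None and now < expiry

class ResourceServer:
    """Holds the sensitive data; accepts only unexpired access tokens."""
    def __init__(self, auth):
        self.auth = auth

    def get(self, headers, now):
        scheme, _, token = headers.get("Authorization", "").partition(" ")
        if scheme != "Bearer" or not self.auth.is_valid(token, now):
            return 401, None
        return 200, {"personal_info": "constructed sample record"}

class Client:
    """Sends the access token on every request; keeps the refresh token back."""
    def __init__(self, auth, api, now):
        self.auth, self.api = auth, api
        self.access_token, self.refresh_token = auth.issue(now)

    def fetch(self, now):
        call = lambda: self.api.get(
            {"Authorization": f"Bearer {self.access_token}"}, now)
        status, body = call()
        if status == 401:  # access token expired: renew once, then retry
            self.access_token, self.refresh_token = self.auth.renew(
                self.refresh_token, now)
            status, body = call()
        return status, body
```
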