Class AccessToken

Additional properties in the access token response.

The lifetime in seconds of the access token. For example, the value 3600 denotes that the access token will expire in one hour from the time the response was generated. If omitted, the authorization server SHOULD provide the expiration time via other means or document the default value.

Source: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-06#section-3.2.3

The refresh token, which can be used to obtain new access tokens based on the grant passed in the corresponding token request.

Source: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-06#section-3.2.3

The value of the scope parameter is expressed as a list of space-delimited, case-sensitive strings. The strings are defined by the authorization server.

Source: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-06#section-3.2.3

The access token type provides the client with the information required to successfully utilize the access token to make a protected resource request (along with type-specific attributes). The client MUST NOT use an access token if it does not understand the token type.

For example, the Bearer token type defined in this specification is utilized by simply including the access token string in the request:

GET /resource/1 HTTP/1.1 Host: example.com Authorization: Bearer mF_9.B5f-4.1JqM

The above example is provided for illustration purposes only.

Each access token type definition specifies the additional attributes (if any) sent to the client together with the access_token response parameter. It also defines the HTTP authentication method used to include the access token when making a protected resource request.

Source: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-06#section-5.1

Credential used to access protected resources.

Source: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-06#section-1.4