Chapter 11. OAuth tokens

This chapter covers

  • What an OAuth token is
  • Including information in structured JSON Web Tokens (JWT)
  • Protecting token data with JOSE
  • Looking up token information in real time with token introspection
  • Managing a token lifecycle with token revocation

For all its redirects and flows and components, the OAuth protocol is ultimately about tokens. Think back to our cloud-printing example from chapter 1. In order for the photo-storage service to know that the printer had access to the photos, the printer service needed to give something to prove that authorization. We call the thing that the printer gives to the storage service an access token, and we’ve already been working with them extensively throughout the book. Now ...
