Getting Started with OAuth and OpenID Connect

Session 3: Tokens and APIs

Video not published

OAuth is all about tokens. These tokens have specific purposes and usage patterns. In this session we'll explain the various tokens and how they work when calling an API. We will also discuss how to efficiently design an API infrastructure using a token based architecture and the phantom token flow.

  • Tokens in OAuth and OpenID
  • Understanding token type, purpose and format.
  • Typical token lifetimes
  • Calling an API with an Access Token
  • Introspecting a token
  • Using a Gateway to introspect tokens
  • The Phantom Token Flow

Related resources

Related sessions

Back to course

Introduction to OAuth


OAuth vs OpenID Connect


Server to Server Communication with OAuth


Design tokens for your APIs


Dynamic Clients and Metadata


OAuth for Mobile Applications


OAuth for Single Page Applications