×

Session 3: Tokens and APIs

OAuth is all about tokens. These tokens have specific purposes and usage patterns. In this session we'll explain the various tokens and how they work when calling an API. We will also discuss how to efficiently design an API infrastructure using a token based architecture and the phantom token flow.

  • Tokens in OAuth and OpenID
  • Understanding token type, purpose and format.
  • Typical token lifetimes
  • Calling an API with an Access Token
  • Introspecting a token
  • Using a Gateway to introspect tokens
  • The Phantom Token Flow

Related resources

Related sessions

Back to course
1

Introduction to OAuth

2

OAuth vs OpenID Connect

4

Server to Server Communication with OAuth

5

Design tokens for your APIs

6

Dynamic Clients and Metadata

7

OAuth for Mobile Applications

8

OAuth for Single Page Applications