Session 3: Tokens and APIs

OAuth is all about tokens. These tokens have specific purposes and usage patterns. In this session we'll explain the various tokens and how they work when calling an API. We will also discuss how to efficiently design an API infrastructure using a token based architecture and the phantom token flow.

  • Tokens in OAuth and OpenID
  • Understanding token type, purpose and format.
  • Typical token lifetimes
  • Calling an API with an Access Token
  • Introspecting a token
  • Using a Gateway to introspect tokens
  • The Phantom Token Flow

Related resources

Back to course

Course Outline

1

Session 1: Introduction to OAuth

2

Session 2: OAuth vs OpenID Connect

3

Session 3: Tokens and APIs

4

Session 4: Server to Server Communication with OAuth

5

Session 5: Design tokens for your APIs

6

Session 6: Dynamic Clients and Metadata

7

Session 7: OAuth for Mobile Applications

8

Session 8: OAuth for Single Page Applications

Next steps

Start Today

Ready to modernize IAM? Build security and improve ease of use to stay ahead of the competition.

Free trial icon representing Start a free trial

Start a Free Trial

Calendar icon representing Schedule a demo

Schedule a demo

User with a computer icon representing Speak to an Identity Specialist

Speak to an Identity Specialist

Book icon representing Explore learning resources

Explore learning resources