Useful Links
Computer Science
Other Tools and Technologies
OAuth and OIDC
1. Introduction to Secure Delegated Access
2. OAuth 2.0 Framework Fundamentals
3. OAuth 2.0 Protocol Endpoints
4. OAuth 2.0 Tokens
5. Scopes and Permissions
6. OAuth 2.0 Authorization Grants
7. OpenID Connect Identity Layer
8. JSON Web Tokens in OAuth and OIDC
9. Security Considerations and Threats
10. Advanced OAuth and OIDC Topics
11. OAuth 2.1 Evolution
12. Implementation Guidance
OAuth 2.0 Tokens
Access Tokens
Purpose and Function
Resource Access Authorization
Bearer Token Usage
Token Formats
Opaque Tokens
Characteristics
Validation Requirements
Storage Considerations
Structured Tokens
JSON Web Tokens
Self-Contained Information
Validation Process
Token Properties
Scope and Permissions
Audience Restrictions
Expiration Time
Issuer Information
Token Lifecycle
Issuance
Usage
Expiration
Revocation
Refresh Tokens
Purpose and Function
Long-Term Access
Token Renewal
Security Characteristics
Long-Lived Nature
Single Use Principle
Rotation Strategies
Refresh Token Rotation
Security Benefits
Implementation Approaches
Revocation Handling
Token Security
Storage Requirements
Transmission Security
Leakage Prevention
Revocation Mechanisms
Previous
3. OAuth 2.0 Protocol Endpoints
Go to top
Next
5. Scopes and Permissions