Stack Overflow
Stack Overflow

Questions tagged [access-token]

Access Token is the last token acquired during the OAuth authentication process.

4002 questions
90
votes
5 answers

What's the point of refresh token?

I have to confess I've had this question for a very long time and never really understood. Say an auth token is like a key to a safe; when it expires it's not usable anymore. Now we're given a magic refresh token, which can be used to get another…
wangii
  • 2,570
  • 1
  • 22
  • 29
84
votes
3 answers

What is the difference between OAuth based and Token based authentication?

I thought that OAuth is basically a token based authentication specification but most of the time frameworks act as if there is a difference between them. For example, as shown in the picture below Jhipster asks whether to use an OAuth based or a…
Cemre Mengü
  • 18,062
  • 27
  • 111
  • 169
83
votes
11 answers

How to add a GitHub personal access token to Visual Studio Code

I received an email saying GitHub will require token authentication after August 13 2021. I want to ensure I don't have an interruption of service (push/pull) after this date. So I logged into GitHub and created a token for my single repository. Now…
chuckd
  • 13,460
  • 29
  • 152
  • 331
82
votes
4 answers

How to specify refresh tokens lifespan in Keycloak

Keycloak refresh token lifetime is 1800 seconds: "refresh_expires_in": 1800 How to specify different expiration time? In Keycloak admin UI, only access token lifespan can be specified:
rok
  • 9,403
  • 17
  • 70
  • 126
70
votes
8 answers

Facebook Page Access Tokens - Do these expire?

I'm building an app that allows users to administrate their Facebook Fan Pages. This requires the following two Access Tokens: A User Access Token A Page Access Token I'm quite familiar with User Access Tokens, but not with Page Access…
dbau
  • 16,009
  • 2
  • 21
  • 31
64
votes
5 answers

Web API token authentication with a custom user database

I am developing a Web API 2.1 service that needs to authenticate the connecting clients (HTML5/JS clients that I will create and control). Unfortunately, the user information (username, password hashes, roles and much, much more info) is stored in…
djikay
  • 10,450
  • 8
  • 41
  • 52
63
votes
2 answers

Where to store access-token in react.js?

I am building an app in Reactjs. I have to make fetch call, after verifying the access_token. On signup, access_token are acquired from back-end server. But, where to store these access_token. Is there any way of making these access_token global, so…
Thananjaya S
  • 1,451
  • 4
  • 18
  • 31
62
votes
5 answers

Azure App Service deploy Failed to get resource ID for resource type 'Microsoft.Web/Sites'

In the last 6 months I have been releasing with a pipeline in Azure DevOps, but today I receive the following error: 2019-09-25T14:24:38.4296875Z ##[section]Starting: Azure App Service Deploy: AS-ServiciosNegocio-API-UAT 2019-09-25T14:24:38.4419797Z…
Ruy Ruiz
  • 614
  • 1
  • 5
  • 5
61
votes
3 answers

JSON Web Token (JWT) benefits over a database session token

With a database session token system I could have a user login with a username/password, the server could generate a token (a uuid for example) and store it in the database and return that token to the client. Every request from thereon would…
ajeetdl
  • 1,254
  • 1
  • 13
  • 17
60
votes
7 answers

facebook Uncaught OAuthException: An active access token must be used to query information about the current user

I've been struggling to find out what is happening with this. My scripts were working fine for a bit and suddenly half stopped. I'm accessing the api and am getting back an access token. With the access token, I can access a users public info just…
user401183
  • 2,530
  • 4
  • 27
  • 25
54
votes
5 answers

Clarification on id_token vs access_token

I'm building a system with OIDC and OAuth 2.0 (using Auth0), and I'm unsure how to properly use the id_token and access_token. Or rather, I'm confused about which roles to assign to the various services in my setup. I have a fully static…
Christian Johansen
  • 1,861
  • 1
  • 16
  • 22
49
votes
5 answers

How do RSA tokens work?

I would like to understand how RSA tokens (SecurID) work, what is the algorithm used there, is it the same algorithm as the regular RSA encryption/decryption ?
Jau L
  • 904
  • 2
  • 8
  • 20
46
votes
2 answers

Do twitter access token expire?

I am building a web app from where the user can manage his twitter account. I've created the twitter app and once the user authenticates himself the application gets the access token from twitter. Does this access token expire or I can store it and…
Florian Shena
  • 1,384
  • 4
  • 19
  • 27
42
votes
3 answers

Authenticating the request header with Express

I want to verify that all our get requests have a specific token in their authentication header. I can add this to our get endpoints: app.get('/events/country', function(req, res) { if (!req.headers.authorization) { return res.json({ error:…
kambi
  • 3,291
  • 10
  • 37
  • 58
42
votes
5 answers

trying to get app access token

I tried to get an app-access-token for my facebook app with this code: APP_ACCESS_TOKEN = FB.api( "oauth/access_token", {client_id: APP_ID, client_secret: APP_SECRET_CODE, redirect_uri: uri}, function(response){ …
Franz Deschler
  • 2,456
  • 5
  • 25
  • 39
1
2
3
99 100