Stack Overflow
Stack Overflow

Questions tagged [access-token]

Access Token is the last token acquired during the OAuth authentication process.

4002 questions
1
vote
1 answer

Canvas LMS LTI 1.3 JWS signature invalid 400 ERROR

Hope everyone is staying safe :) I actually have a problem in my LTI Integrations with our client's production env. We implemented our platform in the client's dev side Canvas LMS and our dev Canvas instance. All those settings worked…
Brandon
  • 60
  • 5
1
vote
1 answer

Why is token authentication more secure than API key based authentication?

This is a typical token-based auth sequence. The initial sign-in sends username/password, receives a token that is used for all subsequent requests. The tokens are only valid for a set amount of time. If there was a malicious listener on the…
RaGe
  • 22,696
  • 11
  • 72
  • 104
1
vote
1 answer

Login with Google in Laravel using Postman

I am new to laravel and making a login with the Google module in Laravel using Postman. I've successfully generated a Google access token. But how to make the whole module of login with Google in Postman? and Can we use that access token in other…
Hiral Soni
  • 23
  • 3
1
vote
2 answers

How to store the access token and refresh token in android studio?

I'm implementing rest API using volley library for my android assignment and I want to know how to save the token because every other API needs the access and refresh token, Should I save it in a database? How do I access the stored token when…
Aditya
  • 47
  • 1
  • 8
1
vote
1 answer

How refresh tokens add security to jwt?

I know how jwt works and if I am true, refresh tokens are used to generate or sign new jwt or access tokens. So they play role of encryption key? I dont understand how refresh tokens help increase security of jwt When jwt is stolen? does it matter…
danial mohamadnejad
  • 21
  • 1
  • 2
1
vote
2 answers

Microsoft as OAuth2 provider for personal accounts does not issue JWT access tokens

It seems that microsoft will not issue JWT access tokens for personal accounts. In Azure AD I created an app registration with the type 'Personal Microsoft accounts only'. My SPA uses that app registration and I can authenticate against it. After…
stefan
  • 121
  • 1
  • 2
  • 6
1
vote
1 answer

Refresh Token 1:1 Mapping With Access Token

I've read through this explanation of refresh tokens here: https://stackoverflow.com/a/36280559/11634814 and I think it makes a lot of sense. In a nutshell, refresh tokens are useful because you only have one unexpired access token associated with…
Evan
  • 1,892
  • 2
  • 19
  • 40
1
vote
1 answer

Re authenticate github in gitkraken

I am trying to re-authenticate my GitKraken with GitHub with my access token, since I used to be authenticated with user/password before, but now it is required to use personal access token. Can someone help me with that, I already have…
redberry
  • 696
  • 7
  • 15
1
vote
1 answer

How to use Express to structure the "Client Credentials Flow" for authorization to use the Spotify API?

I'm trying to write a utility with Node.js and Express that would use the Spotify API. However, I'm stuck trying to figure out the best way to use the "Client Credentials Flow" with Express to get an access token to use the…
Ritvik Biswas
  • 100
  • 1
  • 9
1
vote
1 answer

How Store AccessTokens to Cookies and use them to call Graph API for Asp.net web application (non MVC)

I want to Call graph API to get OneDrive Data. I am able to obtain JWT which looks like this // The conte nts of the JSON look like this: // { // "token_type":"Bearer", // "scope": "Directory.Read.All…
Asmi
  • 157
  • 1
  • 1
  • 14
1
vote
0 answers

React Native function for getting an Oauth 2.0 token

I'm porting an app from React to React Native but this function for getting a token from an api returns 'undefined' as a response when being called with a useEffect hook. After looking into the issue more it seems like the URLSearchParams function…
Joel Gonzalez
  • 41
  • 2
1
vote
1 answer

Facebook ACCESS_TOKEN used with links.getStats

links.getStats was working fine as simple REST call just few weeks ago, and right now it's failing... The reason is simple, it needs an ACCESS_TOKEN. Of course, my application, which I use to stream some content to my wall, has an non expiring…
Mike
  • 11
  • 2
1
vote
1 answer

Preventing fraudulent use of GCP access tokens appearing in requests issued by the frontend

The frontend of my web app uses an access token (periodically generated by the backend) to issue requests to GCP text-to-speech. Issuing requests from the frontend rather than from the backend is essential to keep down both the costs of my service…
AlwaysLearning
  • 7,257
  • 4
  • 33
  • 68
1
vote
1 answer

Can I be able to access all users data using Salesforce Access Token of Admin of the same organization

I am able to get refresh and access token for an admin in Salesforce. My question is: Similiar to Microsoft, will I be able to access all the user's and their data inside the same organization/tenant using this token. I am not sure, Salesforce has…
Taslim Arif
  • 39
  • 1
  • 1
  • 5
1
vote
0 answers

Can't implement IProfileService properly in Identity Server 4

I have a working authorization setup and obtain a token that contains the below. Seemingly, everything behaves as supposed to, the verification in profiles kicks in as expected etc. { ... "awo": "bazinga", "...schemas.microsoft.com../role": […
Konrad Viltersten
  • 36,151
  • 76
  • 250
  • 438
1 2 3
99 100