Token
The element denotes the token based authentication wraps up the following two stages,
- Token URL helps to generate grant token using the access token.
- Authentication URL is used in the server side to authenticate the token and identity of user.
Possible Locations
Attributes
| Name | Type | Description |
|---|---|---|
| name required |
String | Name of the token. |
| visibility | String (enum) | Decides who can view and use the element. The possible values are internal, private, public. The default value is public. |
Child Elements
- description
- token-url required
- authentication-url
Example
In the travelers resource, we have decided to use the token for authentication. So, you have to write the authentication schema for it under the <resource> in the following way.
copy
<token name="MyTokenFlow">
<token-url path="https://authorization-server.com/token">
<operation method="post" name="GenerateToken" category="action">
<request-body>
<content>
<encode type="application/json" />
<structure>
<property name="client_id" type="string"/>
<property name="client_secret" type="string"/>
<property name="code" type="string"/>
</structure>
</content>
</request-body>
<response status="200">
<content>
<encode type="application/json" />
<structure name="TokenResponse">
<property name="token" type="string"/>
<property name="api_domain" type="string"/>
<property name="expires_in" type="datetime"/>
</structure>
</content>
</response>
</operation>
</token-url>
<authentication-url path="https://authorization-server.com/token-info">
<operation method="post" name="IntrospectToken" category="action">
<request-body>
<content>
<encode type="text/plain" />
<structure name="Token">
<property name="token" type="string"/>
</structure>
</content>
</request-body>
<response status="200">
<content>
<encode type="application/json" />
<structure-group type="one-of">
<structure name="TokenInfo">
<property name="active" type="boolean" values="true"/>
<property name="scopes" type="string"/>
<property name="client_id" type="string"/>
<property name="expires_at" type="datetime"/>
</structure>
<structure name="ExpiredTokenResponse">
<property name="active" type="boolean" values="false"/>
</structure>
</structure-group>
</content>
</response>
<response status="401">
<content>
<encode type="application/json" />
<structure name="AuthenticationErrorResponse">
<property name="code" type="string" values="INVALID_CLIENT"/>
<property name="message" type="string"/>
<property name="status" type="string" values="error"/>
</structure>
</content>
</response>
</operation>
</authentication-url>
</token>
Last Updated 2025-05-30 16:54:59 +0530 IST
Yes
No
Thank you for your feedback!
Send your feedback to us
Skip
Submit