oauth2-server/terminology.md
2015-04-19 18:01:36 +08:00

1001 B
Executable File

layout title permalink
default Terminology /terminology/

Terminology

  • Access token - A token used to access protected resources
  • Authorization code - An intermediary token generated when a user authorizes a client to access protected resources on their behalf. The client receives this token and exchanges it for an access token.
  • Authorization server - A server which issues access tokens after successfully authenticating a client and resource owner, and authorizing the request.
  • Client - An application which accesses protected resources on behalf of the resource owner (such as a user). The client could hosted on a server, desktop, mobile or other device.
  • Grant - A grant is a method of acquiring an access token.
  • Resource server - A server which sits in front of protected resources (for example "tweets", users' photos, or personal data) and is capable of accepting and responsing to protected resource requests using access tokens.
  • Scope - A permission