May 23, 2021 OAuth 2.0 Series
1. The resource owner key certificate authorizes the request and response
2. The resource owner key certificate authorizes the response
The resource owner key certificate authorization contains a single request-and-response. The resource owner key certificate authorization request contains the following parameters:
| grant_type | Have to. Must be set to a password. |
|---|---|
| username | Have to. The user name of the resource owner encoded by UTF-8. |
| password | Have to. UTF-8 encoded resource owner password. |
| scope | Optional. The scope of the authorization. |
The response is the JSON structure data that contains the access token. The JSON structure looks like this:
{ "access_token" : "...",
"token_type" : "...",
"expires_in" : "...",
"refresh_token" : "...",
}access_type is the access token assigned by the authorization server. t oken_type is the type of token assigned by the authorized server. e xpires_in is how many seconds after the access token, it is no longer valid. A ccess token expiration values are optional. r efresh_token property contains tokens that are refreshed after the token expires. Refreshed tokens are used to include a new access token once the response returns a token that is no longer valid.