HxDR Access Token
OAuth Access Tokens
An OAuth Access Token is a string that the OAuth client uses to make requests to the resource server. Access tokens do not have to be in any particular format, and in practice, various OAuth servers have chosen many different formats for their access tokens. Access tokens may be either “bearer tokens” or “sender-constrained” tokens. Sender-constrained tokens require the OAuth client to prove possession of a private key in some way in order to use the access token, such that the access token by itself would not be usable.
Bearer Tokens
Bearer Tokens are the predominant type of access token used with OAuth 2.0. A Bearer Token is an opaque string, not intended to have any meaning to clients using it. Some servers will issue tokens that are a short string of hexadecimal characters, while others may use structured tokens such as JSON Web Tokens.
JSON Web Token
JSON Web Token (JWT, RFC 7519) is a way to encode claims in a JSON document that is then signed. JWTs can be used as OAuth 2.0 Bearer Tokens to encode all relevant parts of an access token into the access token itself instead of having to store them in a database.
{
"authorization": "Bearer [ACCESS_TOKEN]"
}{
"authorization": "Bearer eyJz9sdfsdfsdfsd"
}