Skip to content

Specify OAuth profile for SciTokens #12

@jbasney

Description

@jbasney

Document OAuth flows for obtaining SciTokens per RFC 6749.
Show example requests/responses similar to the examples in the RFC for Obtaining Authorization, Issuing an Access Token, Refreshing an Access Token, and Accessing Protected Resources.

I expect the Access Token Response example to include a self-encoded access token and refresh token similar to:

 HTTP/1.1 200 OK
 Content-Type: application/json;charset=UTF-8
 Cache-Control: no-store
 Pragma: no-cache

 {
   "access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjEwMDAsImlzcyI6Imh0dHBzOi8vYXV0aG9yaXphdGlvbi1zZXJ2ZXIuY29tIiwiYXVkIjoiaHR0cHM6Ly9leGFtcGxlLWFwcC5jb20iLCJpYXQiOjE0NzAwMDI3MDMsImV4cCI6MTQ3MDAwOTkwMywic2NvcGUiOiJyZWFkIHdyaXRlIn0.zhVmPMfS3_Ty4qUl5ZMh4TipXsUCSH0mHzb4P_Ijhxs",
   "token_type":"Bearer",
   "expires_in":7200,
   "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
 }

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions