Tokens

Quasr provides following self-contained JSON Web Tokens (JWTs) for use by your applications:

• session token (OAuth 2.0, obtained during login or signup)

• access token (OAuth 2.0, used by application to access back-end)

• refresh token (OAuth 2.0, used by application to obtain new access token)

• id token (OpenID Connect 1.0, consumed by application for identity claims)

It also provides following tokens for internal platform functioning:

• consent token (obtained with session and exchanged for tokens)

• authorization code (obtained with consent token and exchanged for tokens)

• various state tokens (facilitating federation)