This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Working with OAuth
OAuth 2.0 is a widely used specification for authorizing access to resources in a lightweight manner. WSO2 Identity Server provides a comprehensive implementation of this specification.
This section provides instructions on how to work with OAuth2 to expose resources in a secure manner.
Visit the following pages for information on working with OAuth.
- OAuth 2.0 Clients
- OAuth 2.0 Grant Types
- SAML2 Bearer Assertion Profile for OAuth 2.0
- JWT Token Generation
- Private Key JWT Client Authentication for OIDC
- OAuth2 Token Validation
- OAuth2 Token Revocation
- OAuth Token Validity Period
About the length of Access and Refresh tokens
Note that the access token is created as a UUID, which has a default size of 36 characters. The maximum size can be 255, which is the column size of ACCESS_TOKEN (in the database table IDN_OAUTH2_ACCESS_TOKEN). The same applies to the refresh token length.