Problem statement
We cannot find the documentation for the token_type
and expires_in
fields in the response for the “get-token” endpoint. Can you provide some information about these two fields, especially the expires_in
field? We have 3 tokens returned from the response, and each of them should have their own expiration. So we are confused about what this expires_in
field refers to.
Solution
The token_type
and expires_in
fields in the response of the POST /oauth/token
endpoint is defined in the OAuth2 specification (RFC 6749):
As per the RFC above, the expires_in
field is the lifetime of the access token, and the token_type
is the type of the token issued, such as an Access token, ID token, or Refresh token.