What is a Token?

A token is a small piece of data that contains enough information to verify a user’s identity or to authorize a specific action within a system. Tokens enable secure authentication and authorization for applications.

What is an Access Token?

An access token is a temporary credential issued by an authorization server upon user login, allowing a client application to access secure resources on behalf of the user. These tokens act as “keys” for secure access and are typically short-lived, lasting only a few hours.

What is a Refresh Token?

A refresh token is issued alongside an access token and can be used to obtain new access tokens without requiring the user to log in again. When an access token expires, the refresh token provides a way to securely extend user sessions without additional login prompts.