OAuth2TokenData

OAuth2 token data containing access and refresh tokens

  • access_token
    Type: string
    required

    JWT access token for API authentication. Include in Authorization header as 'Bearer {access_token}'. Contains claims: userId, userType, scope, oauth2 flag, iss, aud, exp, iat.

  • expires_in
    Type: integer
    required

    Access token lifetime in seconds (default: 900 = 15 minutes)

  • refresh_token
    Type: string
    required

    JWT refresh token for obtaining new access tokens. Valid for 7 days by default. IMPORTANT: Tokens are rotated on each refresh - always use the latest refresh_token.

  • scope
    Type: string
    required

    Granted OAuth2 scopes (space-separated). Available scopes: api, read:tours, write:tours, delete:tours, read:projects, write:projects, delete:projects, read:users, write:users, read:analytics, read:workspaces, write:workspaces. Default is 'api' which grants full access.

  • token_type
    enum
    const:  
    Bearer
    required

    Token type (always 'Bearer')

    values
    • Bearer