OAuth API response parameters

The OAuth 2.0 API produces a JSON response containing the following parameters as name:value pairs.

Table 1. Access token response parameters
Response parameter Description
scope Amount of access granted by the access token. The scope is always useraccount, meaning that the access token has the same rights as the user account that authorized the token. For example, if Abel Tuter authorizes an application by providing his login credentials, then the resulting access token grants the token bearer the same access privileges as Abel Tuter.
token_type Type of token issued by the request as defined in the OAuth RFC. The token type is always Bearer, meaning that anyone in possession of the access token can access a protected resource without providing a cryptographic key. See RFC6750 for more information about how OAuth 2.0 uses bearer tokens.
expires_in Lifespan of the access token in seconds.
refresh_token String value of the refresh token.
access_token String value of the access token. Access requests made within the access token expiration time always return the current access token.
format [Optional] Output format of the response. This value is always JSON.

The following example illustrates the JSON string returned by an access token request. (Spaces have been added to improve readability.)

{"scope":"useraccount","token_type":"Bearer","expires_in":1800,
"refresh_token":"w599voG89897rGVDmdp12WA681r9E5948c1CJTPi8g4HGc4NWaz62k6k1K0FMxHW40H8yOO3Hoe",
"access_token":"F0jh9korTyzd9kaZqZ0SzjKZuS3ut0i4P46Lc52m2JYHiLIcqzFAumpyxshU9mMQ13gJHtxD2fy"}