My FeedDiscussionsHeadless CMS
New
Sign in
Log inSign up
Learn more about Hashnode Headless CMSHashnode Headless CMS
Collaborate seamlessly with Hashnode Headless CMS for Enterprise.
Upgrade ✨Learn more

How does OAuth2 tokens work?

Emil Moe's photo
Emil Moe
·May 21, 2017

In Laravel Passport I can generate a client which seems to be a binding of a user with a secret. Then I can generate an access token, and for that I have an ID, which is not matching the token. The token seems not stored anywhere in the database.

My question is, are these tokens generated from the ID and the secret or does OAuth2 operate?

I also have something called auth codes, which I'm not sure what is, but some of this might be Laravel specific.

Here's an example:

Token: 61019229631096651f652a4a8b87b4faf0f43d7bc54570cc28e386a51c00a914379838d168411e07
Secret: 2hYiPXGdqq2zz2vjmnEklWt35DnOsyX434InLGWl
Access Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjYxMDE5MjI5NjMxMDk2NjUxZjY1MmE0YThiODdiNGZhZjBmNDNkN2JjNTQ1NzBjYzI4ZTM4NmE1MWMwMGE5MTQzNzk4MzhkMTY4NDExZTA3In0.eyJhdWQiOiIxIiwianRpIjoiNjEwMTkyMjk2MzEwOTY2NTFmNjUyYTRhOGI4N2I0ZmFmMGY0M2Q3YmM1NDU3MGNjMjhlMzg2YTUxYzAwYTkxNDM3OTgzOGQxNjg0MTFlMDciLCJpYXQiOjE0OTUzNzMxMzQsIm5iZiI6MTQ5NTM3MzEzNCwiZXhwIjoxNTI2OTA5MTM0LCJzdWIiOiIxIiwic2NvcGVzIjpbXX0.QrEEtdTwq_sdyPtstO9wB2yLmeMH4s0icVMvygksZahx76OXiTC92luLfz0j9Nh-9ezg42JhK8NKBEQM0Ot-NZSd__WRCmf-BS6Ue_RuJQnBv6K_zFf2tgENzbMxzO4rN7s0sjA0yPNycbuxr3D0w690yF0QGBCOaWOASbNTEtpAEOXDXu5HNkiaOsqGTpKRoxvasRfu06wSr1oIVawMBNFu8Kaq7kCssygMQQPjtvKezHHzbc8hny_yaA49fYIYgQhr3zBJyPwdN9EU-dG_0iGun7ZG30X2CthyeKp0Q1fUmYCJFwK5mKuIxK-UnER5ChFs-yMXn5Hr9XvGum0Ejdzdp90YcOyuxQcvOMJOSPARegKj-WH2XYr0aCpnCwMMV9NLu-dxxKdQmwG_PpLxk-fU4-4M9m1fpKUpSO8TW9WNgxcoauSznqwnevuSW-yvEpo1Sb98Q91-I6UGxBCpvhlQ7e5i9OvXK8YbY8Tt3gPi9Za-1FX9Hbx0EulKQCt78LTjFwS7VB722S2-hlgAEhXJK6lghb7yQ3be7LVSCiT_YHMXurtwpxWCsaIBsJ2-3smlVDFzXHfGnAVDx53UC9q0Y5t3yxjk2UCSyS9e2B4LFdY_yXcdA1H5OvGMgNJkUhKXsfeIyfU2xeL0aqinJ3SJ3tvhkDq9ohZ115hA1nQ