Based on this answer https://stackoverflow.com/a/20087071, I understood the way communication between server and client is supposed to happen. However, I am trying to understand how do I generate those tokens in the first place in order to give it to client so that client can later use that token for authentication ?
Edit: I am planning to develop on Flask framework.
You usually use some open-source or third party oauth2 provider to generate the tokens (usually they are JWTs) for you.
Check this out, this will give you a good explanation of how token auth works, how to generate and validate the access tokens in Python (if you are using Stormpath): https://docs.stormpath.com/python/product-guide/latest/auth_n.html#how-token-based-authentication-works
Are you using any python frameworks like Django or Flask?
Disclosure: I work for Stormpath
