I am trying to understand the difference between user token and app token.I have lot of confusion between the two. For now I have a piece of code which tries to access cross team api and my code tries to access it by providing client id and my authentication credentials. I get bearer token. Is bearer token an app token? User token is one where user signs in using his credentials. Can anyone explain the difference between the user token and app token in general?
Asked
Active
Viewed 2,040 times
1 Answers
0
User token and app token are not OAuth2 terms. But in general, a user token is a token that was issued because the user authenticated and the app acts on the users' behalf.
An app token is issued when the app gets a token on its own behalf using client credentials. I described the OAuth2 flows in this answer.
A bearer token just means that you only need that token to access an API as opposed to needing a cryptographic key to prove you can use the token.
MvdD
- 22,082
- 8
- 65
- 93