RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage¶

This section contains the generic implementation of RFC6750.

Guide on Bearer Token¶

Bearer token is used in OAuth 2.0 framework to protect resources. You need to implement the missing methods of BearerTokenValidator before using it. Learn how to use it in Resource Server.

API Reference¶

class authlib.oauth2.rfc6750.BearerTokenValidator(realm=None, **extra_attributes)¶

authenticate_token(token_string)¶

A method to query token from database with the given token string. Developers MUST re-implement this method. For instance:

def authenticate_token(self, token_string):
    return get_token_from_database(token_string)

Parameters: token_string – A string to represent the access_token.
Returns: token

validate_token(token, scopes, request)¶: Check if token is active and matches the requested scopes.

authlib.oauth2.rfc6750.BearerToken¶: alias of authlib.oauth2.rfc6750.token.BearerTokenGenerator

← RFC6749: The OAuth 2.0... RFC7009: OAuth 2.0 Token Revocation →