A credential that grants temporary, scoped access to an API. Access tokens are typically short-lived (minutes to hours) and must be refreshed using a refresh token. They carry permissions defining what operations the holder can perform.
Related Terms
More in Security
API KeyA secret token used to authenticate requests to an API. API keys identify the ca...OAuth 2.0An authorization framework that allows third-party applications to access user r...Refresh TokenA long-lived credential used to obtain new access tokens without requiring the u...VaultA secure credential storage system that encrypts API keys and secrets at rest. 0...AES-256-GCMAdvanced Encryption Standard with 256-bit keys in Galois/Counter Mode. A symmetr...