If the authentication process was successful, an access token with some additional data is returned. The same is true, if the access token was renewed. The response is structured as a symbolic expression list, with the following elements:
The type of the token, always set to "Bearer", as described in RFC 6750
The token itself, which is technically the string representation of a symbolic expression containing relevant data, plus a check sum.
- The symbolic expression has the form (KIND USERNAME NOW EXPIRE Z-ID)
- KIND is 0 for an API access, 1 if it created for the Web user interface.
- USERNAME is the user name of the user.
- NOW is a timestamp of the current time.
- EXPIRE is the timestamp when the access token expires.
- Z-ID is the zettel identifier of the user zettel.
The symbolic expression is encoded via “base64”. Based on this encoding, a checksum is calculated, also encoded via “base64”. Both encoded values are concatenated, with a period (".") as a delimiter.