title: API: Structure of an access token
role: manual
tags: #api #manual #reference #zettelstore
syntax: zmk
back: 00001012050600
backward: 00001012050200 00001012050400 00001012050600
box-number: 1
copyright: (c) 2020-present by Detlef Stern <ds@zettelstore.de>
created: 20210126175322
forward: 00001012050200 00001012050400 00001012930000 00001012930500
lang: en
license: EUPL-1.2-or-later
modified: 20250701134823
published: 20250701134823
visibility: public

If the [authentication process](00001012050200) was successful, an access token with some additional data is returned.
The same is true, if the access token was [renewed](00001012050400).
The response is structured as a [symbolic expression](00001012930000) list, with the following elements:

1. The type of the token, always set to `"Bearer"`, as described in [RFC 6750](https://datatracker.ietf.org/doc/html/rfc6750)
1. The token itself, which is technically the string representation of a [symbolic expression](00001012930500) containing relevant data, plus a check sum.
    * The symbolic expression has the form `(KIND USERNAME NOW EXPIRE Z-ID)`
    * `KIND` is `0` for an API access, `1` if it created for the Web user interface.
    * `USERNAME` is the user name of the user.
    * `NOW` is a timestamp of the current time.
    * `EXPIRE` is the timestamp when the access token expires.
    * `Z-ID` is the zettel identifier of the user zettel.
   The symbolic expression is encoded via &ldquo;base64&rdquo;.
   Based on this encoding, a checksum is calculated, also encoded via &ldquo;base64&rdquo;.
   Both encoded values are concatenated, with a period (`"."`) as a delimiter.