If the authentication process was successful, an access token with some additional data is returned. The same is true, if the access token was renewed. The response is structured as a symbolic expression list, with the following elements:
The type of the token, always set to "Bearer", as described in RFC 6750
The token itself, which is technically the string representation of a symbolic expression containing relevant data, plus a check sum.
The symbolic expression has the form (KIND USERNAME NOW EXPIRE Z-ID)
KIND is 0 for an API access, 1 if it created for the Web user interface.
USERNAME is the user name of the user.
NOW is a timestamp of the current time.
EXPIRE is the timestamp when the access token expires.
Z-ID is the zettel identifier of the user zettel.
The symbolic expression is encoded via base64. Based on this encoding, a checksum is calculated, also encoded via base64. Both encoded values are concatenated, with a period (".") as a delimiter.