API: Structure of an access token
manual
api manual reference zettelstore
zmk
00001012050600
00001012050200 00001012050400 00001012050600
1
(c) 2020-present by Detlef Stern <ds@zettelstore.de>
20210126175322
00001012050200 00001012050400 00001012930000 00001012930500
en
EUPL-1.2-or-later
20230807165915
20230807165915
public
If the authentication process was successful, an access token with some additional data is returned. The same is true, if the access token was renewed. The response is structured as a symbolic expression list, with the following elements:
The type of the token, always set to "Bearer", as described in RFC 6750
The token itself, which is technically the string representation of a symbolic expression containing relevant data, plus a check sum.
The symbolic expression has the form (KIND USERNAME NOW EXPIRE Z-ID)
KIND is 0 for an API access, 1 if it created for the Web user interface.
USERNAME is the user name of the user.
NOW is a timestamp of the current time.
EXPIRE is the timestamp when the access token expires.
Z-ID is the zettel identifier of the user zettel.
The symbolic expression is encoded via base64. Based on this encoding, a checksum is calculated, also encoded via base64. Both encoded values are concatenated, with a period (".") as a delimiter.