Skip to main content


Token properties are determined by the Config object and your application/tenant settings.

Property Description Type
access_token The OAuth2.0 token used to make requests String
refresh_token The OAuth2.0 refresh token, exchanged for a fresh token.
Note: must be enabled in your application and is not available when using Implicit flow
scope The access rights of the access_token String
grant_id Internal Security Verify use String
id_token JSON Web Token (JWT) which includes user details String
token_type Bearer String
expires_in The time in seconds until the access_token expires Number

Additional information can be found from the Token by using the introspectToken function from OAuthContext.