OAuth Access Tokens

Access tokens are revocable, bearer, and security tokens that allow access to specific domains. They are passed in each REST request as an authorization header by using the Bearer scheme.

Example header:

Authorization: Bearer access_token

Features of Access Tokens

  • An access token can be applicable to multiple domains. However, currently you cannot generate access tokens for API Management.

  • The access token can be viewed only once at the time you generate it. Store it securely for future use.

  • Access tokens expire at a preconfigured time. You can replace them by generating a new one. You can do so by using the UI or by using refresh tokens and OAuth clients.

  • Removing a team member from any of the domains automatically revokes all access tokens generated by that team member for the domain.

  • All tokens that are generated by you are revoked when your TIBCO Cloud subscription expires or when your TIBCO Cloud account is deleted.