It means 'issue me (the client app) with a refresh token' - see https://help.salesforce.com/apex/HTViewHelpDoc?id=remoteaccess_oauth_scopes.htm&language=enand https://help.salesforce.com/apex/HTViewHelpDoc?id=remoteaccess_oauth_refresh_token_flow.htm&language=en
Cheers, Pat -- Pat Patterson | Developer Evangelist Architect | http://about.me/patpatterson On Wed, Dec 4, 2013 at 10:07 PM, Torsten Lodderstedt < [email protected]> wrote: > Hi Pat, > > out of couriosity: what is the meaning of the "refresh_token" scope value? > > regards, > Torsten. > > > > Pat Patterson <[email protected]> schrieb: > >> For what it's worth, we pass back a space-separated list in the response: >> >> { >> "id":" >> https://login.salesforce.com/id/00Dd0000000f6kcEAA/005d0000001kTmOAAU";, >> "issued_at":"1386201559129", >> *"scope":"id api refresh_token",* >> "instance_url":"https://aloha.my.salesforce.com";, >> "refresh_token":"5Ae...vDy", >> "signature":"5cN...mw=", >> "access_token":"00D...1aI" >> } >> >> Cheers, >> >> Pat >> >> -- >> >> Pat Patterson | Developer Evangelist Architect | >> http://about.me/patpatterson >> >> >> On Wed, Dec 4, 2013 at 12:06 PM, John Bradley <[email protected]> wrote: >> >>> Per Sec 3.3 and Appendix A.4 >>> >>> scope is a space SP separated list of scope-token which are 1*NQCHAR >>> >>> So query encoded it looks like &scope=openid%20profile%20email (you >>> would be sending it in a POST form encoded to the token endpoint in your >>> case) >>> and the response will be JSON: >>> { >>> "access_token":"2YotnFZFEjr1zCsicMWpAA", >>> "token_type":"example", >>> "expires_in":3600, >>> "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", >>> "scope":"openid profile email" >>> } >>> >>> Yes the examples probably should have included scope but it is clear >>> from the normative text. >>> >>> John B. >>> >>> On Dec 3, 2013, at 8:55 AM, Andreas Kohn <[email protected]> wrote: >>> >>> > Hi, >>> > >>> > the current RFC for OAuth 2.0 ( >>> http://www.rfc-editor.org/rfc/rfc6749.txt) is very unclear on *how* to >>> return the scope in the access token response if there are multiple scopes >>> requested/returned. >>> > >>> > Could someone please clarify whether the scopes are supposed to be >>> returned as >>> > 1. space separated string value (i.e. in the same syntax in which they >>> came in), or >>> > 2. as JSON array (looks most "JSON-y"), or >>> > 3. in another format (for example github uses ',') >>> > >>> > There is a related question on stackoverflow: >>> http://stackoverflow.com/questions/13290994/how-should-approved-scopes-be-returned-from-an-oauth2-0 >>> > >>> > >>> > Regards, >>> > -- >>> > Andreas >>> > >>> > >>> > >>> > _______________________________________________ >>> > OAuth mailing list >>> > [email protected] >>> > https://www.ietf.org/mailman/listinfo/oauth >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/oauth >>> >>> >> ------------------------------ >> >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> >>
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
