Skip to content

Commit 5ace6a3

Browse files
committed
Link added
1 parent 03d6cac commit 5ace6a3

File tree

1 file changed

+9
-1
lines changed

1 file changed

+9
-1
lines changed

security/access_token.rst

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,12 @@
44
How to use Access Token Authentication
55
======================================
66

7-
Access tokens are commonly used in API contexts. The access token is is obtained
7+
Access tokens are commonly used in API contexts. The access token is obtained
88
through an authorization server (or similar) whose role is to verify the user identity
99
and receive consent before the token is issued.
1010

1111
Access Tokens can be of any kind: opaque strings, Json Web Tokens (JWT) or SAML2 (XML structures).
12+
Please refer to the `RFC6750`_: *The OAuth 2.0 Authorization Framework: Bearer Token Usage*.
1213

1314
Using the Access Token Authenticator
1415
----------------------------------
@@ -100,6 +101,11 @@ where participating browsers do not have access to the "Authorization" request h
100101

101102
In other words: ``query_token`` and ``body_token` authenticators are not recommended.
102103
104+
Customizing the Authenticators
105+
------------------------------
106+
107+
108+
103109
Customizing the Success Handler
104110
-------------------------------
105111
@@ -146,3 +152,5 @@ Then, configure this service ID as the ``success_handler``:
146152
If you want to customize the default failure handling, use the
147153
``failure_handler`` option and create a class that implements
148154
:class:`Symfony\\Component\\Security\\Http\\Authentication\\AuthenticationFailureHandlerInterface`.
155+
156+
.. _`RFC6750`: https://datatracker.ietf.org/doc/html/rfc6750

0 commit comments

Comments
 (0)