One of the most commonly leveraged mechanisms for authorization is a bearer token. The most common mechanism for issuing these tokens is by using OAuth. However, while bearer tokens are typically referred to as OAuth tokens, in reality, they are merely provisioned by OAuth. The token itself can be defined by any standard, or no standard at all. Let's see how this relationship between token and token issuer can play out.
Authorization tokens
OAuth token provisioning
As I mentioned before, OAuth is a standard for providing clients with valid authentication tokens. The formal standard for how this is done is actually relatively brief and high level, and allows for a lot of flexibility in specific implementations. It was...