Access token concept

An access token is a short-lived credential used to create a link. An access token contains the URL and secret code of a corresponding access grant.

A site wishing to accept a link (the accepting site) creates an access grant. It uses the access grant to create a corresponding access token and transfers it to a remote site (it issues a token). The remote site submits the access token to the accepting site (it redeems the token). If the token is valid, the accepting site sends the remote site the TLS credentials and connection endpoints required to create a link to the accepting site.

Access tokens have limited redemptions and limited lifespans. By default, they can be redeemed only once, and they expire 15 minutes after being issued. You can set custom limits by configuring the access grant.

An access grant and corresponding access token

The sequence for issuing and redeeming access tokens