Need an extended answer or a link to the material:

1) Can I use one access_token for many users? To make one authorization under my account to receive in return a secret key (token) with which I will have access to the API and add it to each request, instead of forcing each user to do authorization. (An important point: I do not need personal information of the user, his photo, etc., etc., but only permission to use the private API. But I can only get this access from my account and continue to add it to each request for different users).

2) If this is not possible then explain how can I save these tokens to the database? How do I associate a user with a token? After all, in fact I don’t have his name, email or usernames, but only a token. How can I find out that this is exactly this user when he decides to log in next time in 10 days?

    1 answer 1

    2) When registering, you need to store the user ID (namely the ID and not just the page address) The token (almost) does not have an expiration time, it changes only when the password is changed. It is difficult to answer without knowing the specifics, you should look for the answer in the documentation .

    • From the Foursquare API, I only get a token. How do I then identify the user ID. Or I have to generate it for my part. Then I still have no idea how this idi connects the user and his device? - raviga
    • It is worth giving more specifics, I thought that the question is in the context of the VC. Although there is good documentation on the protocol, there are no such chips as the user ID on other sites or it is difficult to obtain. - Flippy
    • what have OAuth 2 and VC? - raviga