Skip to content

Return token's primary key with POST /oauth/token

Alex Gleason requested to merge oauth-token-id into develop

I'm developing multi-account support in Soapbox FE, and storing user tokens in the browser with localStorage.

I would like users to be able to review their active sessions and revoke them. In particular, I want a user to know which session is their current session.

We are able to see a list of users sessions (aka oauth tokens) from GET /api/oauth_tokens.json to render a display like this:

Screenshot_from_2021-03-24_12-13-54

This endpoint (/api/oauth_tokens.json) returns a list of token IDs:

Screenshot_from_2021-03-24_12-12-47

In order to consolidate this output with user tokens in the browser, I need the ID of the token in response to POST /oauth/token. This MR adds it, and improves the mastoapi differences document around authentication.

Before (POST /oauth/token):

{
  "access_token": "ZA-Yj3aBD8U8Cm7lKUp-lm9O9BmDgdhHzDeqsY8tlL0",
  "token_type": "Bearer",
  "scope": "read write follow push",
  "created_at": 1573979017
}

After:

{
  "id": 3673,
  "access_token": "ZA-Yj3aBD8U8Cm7lKUp-lm9O9BmDgdhHzDeqsY8tlL0",
  "token_type": "Bearer",
  "scope": "read write follow push",
  "created_at": 1573979017
}

Merge request reports