How is access token generated from apigee API managiment?
Is an access token contains userid and scope information directly and encrypted them?
or api gateway have a unique string that matchs userid and scope information, and generate an access token from this unique string?
Hi @naomi,
Welcome to Apigee community!
OAuth 2.0 access token generated by Apigee Edge is an opaque string and this string itself contains no information. Associated information of the token is maintained at Edge.
I will encourage you to read documentation at Apigee docs: http://docs.apigee.com/api-services/content/oauth-home
Cheers,
Rajesh Doda