">mixi Developer Center (mDC)

mixi Connect

mixi Connect (English) » mixi Graph API » The difference between old OAuth2.0 spec and new one

The difference between old OAuth2.0 spec and new one

mixi Platform has provided OAuth2.0 since October 2010. We adopted Draft10 that was supported by many people at that time, it is different from the latest spec of OAuth2.0. We have now adopted RFC6749 that is the latest spec.

We still support Draft10 as backward compatibility, but please use RFC6749 for new applications.
Below are the differences between the old and new spec.

New (RFC6749) Old (Draft 10)
mDC page
Authorization and Authentication Process (New Spec) Authorization and Authentication Process (New Spec)
Spec based on
[RFC 6749 - The OAuth 2.0 Authorization Framework]
http://tools.ietf.org/html/rfc6749
[RFC 6750 - The OAuth 2.0 Authorization Framework
: Bearer Token Usage]
http://tools.ietf.org/html/rfc6750
[The OAuth 2.0 Protocol draft-ietf-oauth-v2-10] http://openid-foundation-japan.github.com/draft-ietf-oauth-v2.ja.html
Response on issue or re-issue of access token
{
"refresh_token":"39c5662a2e8b87d41c1eebe79f68af",
"expires_in":900,
"access_token":"c2be2257f3dae3df4efcb010ae6eea",
"token_type":"Bearer",
"scope":"r_profile r_voice"
}
{
"refresh_token":"39c5662a2e8b87d41c1eebe79f68af",
"expires_in":900,
"access_token":"c2be2257f3dae3df4efcb010ae6eea",
"scope":"r_profile r_voice"
}
Way to specify access token when using the API (Authorizarion Header)
Authorization: Bearer c2be2257f3dae3df4efcb010ae6eea Authorization: OAuth c2be2257f3dae3df4efcb010ae6eea
Way to specify access token when using the API(Query parameter)
https://api.mixi-platform.com/2/people/@me/@self
?access_token=c2be2257f3dae3df4efcb010ae6eea
https://api.mixi-platform.com/2/people/@me/@self
?oauth_token=c2be2257f3dae3df4efcb010ae6eea
Response for an expired token
WWW-Authenticate: Bearer
realm="api.mixi-platform.com", error="invalid_token", error_description="The access token expired"
WWW-Authenticate: OAuth
error='expired_token',realm='api.mixi-platform.com'

TOP OF THIS PAGE