doorkeeper
  • Doorkeeper Guides
  • Ruby on Rails
    • Getting Started
    • Routes
    • Configuration
    • Scopes
    • Securing the API
    • API Mode
    • PKCE Flow
    • Polymorphic Resource Owner
  • Grape
    • Grape
  • ORMs
    • Active Record
    • MongoDB
    • Sequel
    • Couchbase
  • Internals
    • Database Design
    • Internationalization (i18n)
    • Rake
    • Testing
    • Upgrading
    • Creating extensions
  • Security
    • Token and Application Secrets
  • Configuration
    • Models
    • Scopes
    • Skip Authorization
    • Other Configurations
    • Route Constraints and other integrations
Powered by GitBook
On this page
  • oauth_applications
  • oauth_access_tokens
  • oauth_access_grants

Was this helpful?

  1. Internals

Database Design

oauth_applications

Field

Purpose

id

Primary key, in case of using RDBMs

name

Application name

uid

secret

Used together with uid for client authentication

redirect_uri

scopes

confidential

Indicates whether client public or private

created_at

Creation date & time

updated_at

Date & time of latest update

If you set enable_application_owner configuration option then applications table also includes:

Field

Purpose

owner_id

PK of the Resource owner record

owner_type

Resource owner model name

oauth_access_tokens

Field

Purpose

id

Primary key, in case of using RDBMs

resource_owner_id

PK of the resource owner record

application_id

PK of the client token was issued for

token

Token value

refresh_token

Refresh token value (used to refresh a token)

expires_in

TTL of the token (in seconds)

revoked_at

Date & time when token was revoked

created_at

Creation date & time

scopes

Access token scopes

previous_refresh_token

Previous refresh token value

If you enabled use_polymorphic_resource_owner configuration option then your database must have additional columns:

Field

Purpose

resource_owner_type

Resource owner model name

oauth_access_grants

Field

Purpose

id

Primary key, in case of using RDBMs

resource_owner_id

PK of the resource owner record

application_id

PK of the client token was issued for

token

Token value

expires_in

TTL of the token (in seconds)

redirect_uri

Redirect URI

revoked_at

Date & time when token was revoked

created_at

Creation date & time

scopes

Access token scopes

In case you enabled PKCE flow, your access grants table will include:

Field

Purpose

code_challenge

Code challenge value

code_challenge_method

Code challenge method name

PreviousCouchbaseNextInternationalization (i18n)

Last updated 4 years ago

Was this helpful?

Unique ID, used as

Redirects the resource owner to this URI ()

Defines which the application uses

client identifier
spec
scopes