Posts:
Marvin has not published any posts yet.
Replies:

If you are generating access tokens, then you are probably on the server where the access tokens are stored in OAuth2.Server.AccessToken.  OAuth2.AccessToken is where the access tokens are stored on the client. 

Both of these tables must be accessed from the %SYS namespace and privileges to access CACHESYS database are required.

Why do you need EnsLib.EDI.XML.Document?  If you already have persistent classes, then you can use the persistent classes in many places where EnsLib.EDI.XML.Document can be used.

Consider the flow of the access token:

1. Client requests the access token.

2. authorization server authenticates user and issues token

3. client receives token -- IsAuthorized will now return 1 in the same CSP session

4. client uses access token in Authorization header to authorize to resource server.

5. The resource server knows nothing about the access token at this point.  In order to validate the access token, the resource server either needs to check signatures (%SYS.OAuth2.Validation:ValidateJWT) or contact the authorization server (%SYS.OAuth2.AccessToken methods GetUserinfo or GetIntrospection).  Exactly which method to use depends on how the authorization server is configured. The standards do not specify in detail.  You need to contact the authorization server support folks.

Followers:
Marvin has no followers yet.
Following:
Marvin has not followed anybody yet.
Global Masters badges:
Marvin has no Global Masters badges yet.