Skip to content
Duende Software Docs
We just launched Duende IdentityServer v7.2.0 and BFF v3.0. Check it out!

Requesting tokens

Extension grants And Token Exchange

Section titled “Extension grants And Token Exchange”

link to source code

This sample shows an implementation of the Token Exchange specification RFC 8693 via the Duende IdentityServer extension grant mechanism.

See here for more information on extension grants.

Personal Access Tokens (PAT)

Section titled “Personal Access Tokens (PAT)”

link to source code

This sample shows how to provide a self-service UI to create access tokens. This is a common approach to enable integrations with APIs without having to create full-blown OAuth clients.

When combining PATs with the reference token feature, you also get automatic validation and revocation support. This is very similar to API keys, but does not require custom infrastructure. The sample also contains an API that accepts both JWT and reference tokens.