| Field |
Purpose |
| id |
Primary key, in case of using RDBMs |
| name |
Application name |
| uid |
Unique ID, used as client identifier |
| secret |
Used together with uid for client authentication |
| redirect_uri |
Redirects the resource owner to this URI (spec) |
| scopes |
Defines which scopes the application uses |
| confidential |
Indicates whether client public or private |
| created_at |
Creation date & time |
| updated_at |
Date & time of latest update |
If you set enable_application_owner configuration option then applications table also includes:
| Field |
Purpose |
| owner_id |
PK of the Resource owner record |
| owner_type |
Resource owner model name |
| Field |
Purpose |
| id |
Primary key, in case of using RDBMs |
| resource_owner_id |
PK of the resource owner record |
| application_id |
PK of the client token was issued for |
| token |
Token value |
| refresh_token |
Refresh token value (used to refresh a token) |
| expires_in |
TTL of the token (in seconds) |
| revoked_at |
Date & time when token was revoked |
| created_at |
Creation date & time |
| scopes |
Access token scopes |
| previous_refresh_token |
Previous refresh token value |
If you enabled use_polymorphic_resource_owner configuration option then your database must
have additional columns:
| Field |
Purpose |
| resource_owner_type |
Resource owner model name |
| Field |
Purpose |
| id |
Primary key, in case of using RDBMs |
| resource_owner_id |
PK of the resource owner record |
| application_id |
PK of the client token was issued for |
| token |
Token value |
| expires_in |
TTL of the token (in seconds) |
| redirect_uri |
Redirect URI |
| revoked_at |
Date & time when token was revoked |
| created_at |
Creation date & time |
| scopes |
Access token scopes |
In case you enabled PKCE flow, your access grants table will include:
| Field |
Purpose |
| code_challenge |
Code challenge value |
| code_challenge_method |
Code challenge method name |