Authorization code set (code)
when third parties get access_token by the need to use the code, code timeout is 10 minutes, a code can only be successful once in exchange for access_token lapse.
Authorization scope (scope)
the scope behalf of the user interfaces permissions granted to a third party, third-party applications need to apply for permission to the server using the appropriate scope of an authorized user, the interface only to make calls, after obtaining the corresponding access_token.
The token is valid ( access_token )
access_token is calling empowerment credentials call interface, due access_token period (currently 2 hours) short, when the access_token expires, you can use refresh_token refresh, refresh access_token results in two ways:
1. If access_token has timed out, then carried refresh_token will get a new access_token, the new timeout;
2. If the access_token has not timed out, then the change will not be refresh_token access_token, but will refresh timeout, the equivalent of renewal access_token.
refresh_token have a longer period (30 days), when refresh_token failure, requiring users to re-authorize.
