Overview#

Authorization API Token or AAT is an Access Token with an OAuth Scope of uma_authorization.

An Entity seeking authorization API access MUST have the OAuth Scope uma_authorization.

The only Entity that can acquire an Access Token with an OAuth Scope of uma_authorization is by definition an OAuth Client.

More Information#

There might be more information for this subject on one of the following:

• AAT
• Authorization API
• User-Managed Access