Summary: We are adding two new fields to the response of the oauth2 v1/token endpoint.
Products: Platform Services
Is this a breaking change: No
What is changing
The "scope" and "token_type" fields are now returned with all existing fields. The scope field contains the scopes granted by the authorization server. The token_type field indicates the type of token returned by the authorization server.
Why we’re making the change
We are making this change to better conform to the RFC6749 response format.
What will current users of the endpoint need to update in their code
Current users of this endpoint do not need to take any action or consume these fields in any way. The only potential risk here is if someone was very strictly parsing the token response and could not handle the addition of these new fields.
What will happen if users of the endpoint do not update their code
Link to Developer Portal documentation
For more information on oauth2, please refer to Authentication and URL Locations.