PhpRootUser

Check : http://bshaffer.github.io/oauth2-server-php-docs/grant-types/user-credentials/ if you need more info...

ZANE SAID: "Because that token is your key to their information, their profile, their demographics; everything you need to keep up with your incoming traffic without the hassle of storing it yourself." OK, but that case is when you make 3rd part applications available in your site, not when you use only user credentials. I am asking what is the advantage of using "user credentials" instead of $_SESSION. The user credentials receive a Username and Password, then return a token in json. Then, you have to send the token back to the server to continue to be "recognized", and what is the diference of sending him a SESSION_ID?

Hi. After looking how oauth 2.0(User Credentials) works, why i use this if i have to put the access_token variable in a cookie of a session i have to start, lol! Oauth User Credentials was supposed to do the job of session, but if i have to start a session for this it makes no sense... Forget about the 3rd part application, i am discussing the need of session creation in oauth 2.0. Also, to use Oauth, an https(secure) connection is hightly recommended. Oauth should be used for json responses only?