public String token;

    /**
     * The permissions associated with this access token.
     * Defines what operations and resources this token can access.
     */
    @CustomSize(maxKey = "form.admin.max.input.size")
    public String permissions;

    /**
     * The parameter name for the access token.
     * This field specifies how the token should be passed in API requests.
     * Maximum length is 10000 characters.

///

## Return the token { #return-the-token }

The response of the `token` endpoint must be a JSON object.

It should have a `token_type`. In our case, as we are using "Bearer" tokens, the token type should be "`bearer`".

And it should have an `access_token`, with a string containing our access token.

///

## Devolver el token

El response del endpoint `token` debe ser un objeto JSON.

Debe tener un `token_type`. En nuestro caso, como estamos usando tokens "Bearer", el tipo de token debe ser "`bearer`".

Y debe tener un `access_token`, con un string que contenga nuestro token de acceso.

///

## Den Token zurückgeben

Die Response des `token`-Endpunkts muss ein JSON-Objekt sein.

Es sollte einen `token_type` haben. Da wir in unserem Fall „Bearer“-Token verwenden, sollte der Token-Typ "`bearer`" sein.

Und es sollte einen `access_token` haben, mit einem String, der unseren Zugriffstoken enthält.

    }

    /**
     * Get the access token.
     * @param id The ID of the access token.
     * @return The access token.
     */
    public OptionalEntity<AccessToken> getAccessToken(final String id) {
        return accessTokenBhv.selectByPK(id);
    }

    /**
     * Store the access token.
     * @param accessToken The access token.
     */
    public void store(final AccessToken accessToken) {

		},
	},
}

func mainHandler(w http.ResponseWriter, r *http.Request) {
	token := r.FormValue("token")
	if token == "" {
		writeErrorResponse(w, errors.New("token parameter not given"))
		return
	}

	rsp, ok := tokens[token]
	if !ok {
		w.WriteHeader(http.StatusForbidden)
		return
	}

	fmt.Printf("Allowed for token: %s user: %s\n", token, rsp.User)

	w.WriteHeader(http.StatusOK)
	json.NewEncoder(w).Encode(rsp)

Decodifique o token recebido, verifique-o e retorne o usuário atual.

Se o token for inválido, retorne um erro HTTP imediatamente.

{* ../../docs_src/security/tutorial004_an_py310.py hl[90:107] *}

## Atualize a *operação de rota* `/token`

Crie um `timedelta` com o tempo de expiração do token.

Crie um token de acesso JWT real e o retorne.

        super();
    }

    /**
     * The unique identifier of the access token being edited.
     * This is a required field for identifying which token to update.
     */
    @Required
    @Size(max = 1000)
    public String id;

    /**
     * The username of the user who last updated this access token.
     * Used for audit trail purposes to track who made changes.
     */
    @Size(max = 1000)

///

## Retorne o token

A resposta do endpoint `token` deve ser um objeto JSON.

Deve ter um `token_type`. No nosso caso, como estamos usando tokens "Bearer", o tipo de token deve ser "`bearer`".

E deve ter um `access_token`, com uma string contendo nosso token de acesso.

Para este exemplo simples, seremos completamente inseguros e retornaremos o mesmo `username` do token.

/// tip | Dica

WSO2 generates tokens in first style by default, but if to be used with MinIO we should configure WSO2 to provide JWT tokens instead.

### 3. Generate Self-contained Access Tokens