You should familiarize yourself with following terms to help understand the OAuth authorization flow before you start using Passolution Dataservice API:
The Passolution Dataservice resources, such as Entry, Visa, Transit Visa & Health Requirements etc.
The Passolution API Service (api.passolution.eu) that hosts protected resources.
An application (eg: your app) implementing OAuth protocol that sends requests to the Resource Server (Passolution API) to access protected resources on behalf of a Passolution user.
Passolution Service (web.passolution.eu) that authenticates users and allows users to authorize an OAuth Client (your app) to access Resource Server (Passolution API) on their behalf. After authorization, the OAuth Client (your app) can contact this server to get user's Access Token.
Access Token allows access to Resource Server (Passolution API) on a user's behalf.
It is a long string of seemingly random characters that actually is encoded data which allows Resource Server (Passolution API) to know which OAuth Client is accessing the API service on which user's behalf.
A token that can be used to obtain a new Access Token by contacting the Authorization Server (web.passolution.eu). A new token should be generated using the refresh token before the refresh token expires.
A unique ID assigned to an OAuth Client application used in OAuth protocol.
A shared secret value that allows Authorization Server (web.passolution.eu) to authenticate an OAuth Client application during OAuth protocol data exchange.
Once a Passolution user authorizes your OAuth Client application, our Authorization Server (web.passolution.eu) will generate and send an Authorization Code to your application. Your application can then contact the Authorization Server to exchange this Authorization Code with Access Token & Refresh Token for the Passolution user.
Grant Types are different ways an OAuth Client (eg: your application) can request access token. There are several OAuth Grant Types which are described below.