B.5 Using the token to access MCPTT resource servers

33.1793GPPRelease 13Security of Mission Critical Push To Talk (MCPTT) over LTETS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

MCPTT Connect shall initially support the bearer access token type. Access tokens of type "bearer" are communicated from the MCPTT client to MCPTT resource servers by including the access token in the HTTP Authorization Header, per IETF RFC 6750 [20].

The access token is opaque to the MCPTT client, meaning that the client does not have any knowledge of the access token itself. The client will be given some metadata corresponding to the access token, such as its expiration time, so that it does not send an expired access token to MCPTT resource servers. If the access token is presented to an MCPTT resource server and the scope is invalid or the token is expired or revoked, the MCPTT resource server should return an error message indicating such to the MCPTT client.