# Resource Owner

The Resource Owner is an [OAuth](/glossary/o/oauth) entity capable of granting access to a resource. When the resource owner is a person, it is referred to as an end-user. The resource owner is always a user account.
Client	An application making resource requests on behalf of the user (also called the resource owner) with the user's authorization.

# Resource Server

Resource Server is an [OAuth](/glossary/o/oauth) term referring to the server hosting resources.

# Authorization Server

The Authorization Server is an [OAuth](/glossary/o/oauth) term referring to the server handling [authentication](/glossary/a/authorization) and [authorization](/glossary/a/authorization) an providing the client with [access tokens](/glossary/a/access_token) for access to resources.

# Authorization Request

An Authorization Request is an [OAuth](/glossary/o/oauth) request from a client to access a resource. It consists of an [HTTP POST](/glossary/h/http_method) message identifying the client and providing credentials for [authorization](/glossary/a/authorization).

# Authorization Grant

The Authorization Grant is an [OAuth](/glossary/o/oauth) credential representing the resource owner's [authorization](/glossary/a/authorization) to access a resource. It consists of either user login credentials or a [refresh token](/glossary/r/refresh_token).

# Access Token

An Access Token is a secure string used in [OAuth](/glossary/o/oauth) to provide a client with access to resources. The access token is issued to to clients that have a valid [authorization grant](/glossary/a/auth_grant).

# Refresh Token

The Refresh Token is an [OAuth](/glossary/o/oauth) method to provide clients with a new [access token](/glossary/a/access_token) without repeated [authorization](/glossary/a/authorization). Typically, the refresh token is issued to the client when it first acquires an access token, and has much longer lifespan than the access token.