{
    "description": "OAuthAccessToken describes an OAuth access token. The name of a token must be prefixed with a `sha256~` string, must not contain \"/\" or \"%\" characters and must be at least 32 characters long. \n The name of the token is constructed from the actual token by sha256-hashing it and using URL-safe unpadded base64-encoding (as described in RFC4648) on the hashed result. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
    "properties": {
        "apiVersion": {
            "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
            "type": "string"
        },
        "authorizeToken": {
            "description": "AuthorizeToken contains the token that authorized this token",
            "type": "string"
        },
        "clientName": {
            "description": "ClientName references the client that created this token.",
            "type": "string"
        },
        "expiresIn": {
            "description": "ExpiresIn is the seconds from CreationTime before this token expires.",
            "format": "int64",
            "type": "integer",
            "minimum": -9223372036854776000,
            "maximum": 9223372036854776000
        },
        "inactivityTimeoutSeconds": {
            "description": "InactivityTimeoutSeconds is the value in seconds, from the CreationTimestamp, after which this token can no longer be used. The value is automatically incremented when the token is used.",
            "format": "int32",
            "type": "integer",
            "minimum": -2147483648,
            "maximum": 2147483647
        },
        "kind": {
            "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
            "type": "string"
        },
        "metadata": {
            "type": "object"
        },
        "redirectURI": {
            "description": "RedirectURI is the redirection associated with the token.",
            "type": "string"
        },
        "refreshToken": {
            "description": "RefreshToken is the value by which this token can be renewed. Can be blank.",
            "type": "string"
        },
        "scopes": {
            "description": "Scopes is an array of the requested scopes.",
            "items": {
                "type": "string"
            },
            "type": "array"
        },
        "userName": {
            "description": "UserName is the user name associated with this token",
            "type": "string"
        },
        "userUID": {
            "description": "UserUID is the unique UID associated with this token",
            "type": "string"
        }
    },
    "type": "object",
    "additionalProperties": false,
    "$schema": "http://json-schema.org/draft-04/schema#"
}