Authentication Tokens
GSSAPI uses tokens to maintain the synchronization between the applications sharing a security context. The token is a cryptographically protected bit string generated by DCE Security at one end of the GSSAPI security context for use by the peer application at the other end of the security context. The data type is opaque to the caller.
The applications use the gss_buffer_t data type as tokens to GSSAPI routines.