oauth 2.0 - Oauth2 workflow of creating and returning access tokens (using Django) -

after reading lot oauth2.0, still confused regarding following points:

1. when create access token? when user tries log in or when user tries register? token sent in http response after logging in?
2. the client has store access token somewhere can sent in every http request client. should store it?

note: not doing third party authentication, authentication own app. using django web framework, django-tastypie rest api , django-oauth-provider oauth. followed this excellent tutorial still have doubts. appreciated if answer given in context of these frameworks.