Create an access token

Use the client_id and client_secret to generate an access token.
POST /oauth2/token
cURL
curl -X POST "https://api.moov.io/oauth2/token" \
  -u "PUBLIC_KEY:PRIVATE_KEY" \
  --data '{
    "grant_type":"client_credentials",
    "client_id":"5clTR_MdVrrkgxw2",
    "client_secret":"dNC-hg7sVm22jc3g_Eogtyu0_1Mqh_4-",
    "scope":"/accounts.write",
    "refresh_token":"i1qxz68gu50zp4i8ceyxqogmq7y0yienm52351c6..."
  }'
Responses: 200, 400, 422, 429
200: Successfully exchanged the code to create a token
Possible responses that can be made to the /token endpoints. The type of response returned here will mirror the type of the request.
{
  "access_token": "i1qxz68gu50zp4i8ceyxqogmq7y0yienm52351c6...",
  "expires_in": 1736966581,
  "refresh_token": "i1qxz68gu50zp4i8ceyxqogmq7y0yienm52351c6...",
  "scope": "/accounts.write",
  "token_type": "Bearer"
}
400: Failed to create token
{
  "error": "invalid_request"
}
422: The request body could not be processed
{
  "refresh_token": "string",
  "scope": "string"
}
429: Request was refused due to rate limiting.

Retry-After

number

Body

application/json
Allows the use of the Client Credentials Grant per RFC 6749, the OAuth 2.0 Authorization Framework. Following this specification allows any OAuth 2.0 tooling to use this API to get an access_token.

grant_type

string<enum> required
Possible values: client_credentials, refresh_token

client_id

string
If not specified in Authorization: Basic it can be specified here.

client_secret

string
If not specified in Authorization: Basic it can be specified here.

refresh_token

string <=4096 characters
String passed to the authorization server to gain access to the system.

scope

string
A space-delimited list of scopes that are allowed.

Response

application/json
Possible responses that can be made to the /token endpoints. The type of response returned here will mirror the type of the request.
Option 1
Device model

access_token

string <=4096 characters
String passed to the authorization server to gain access to the system.

expires_in

integer<int32>
Unix timestamp indicating when this token expires.

refresh_token

string <=4096 characters
String passed to the authorization server to gain access to the system.

scope

string
A space-delimited list of scopes that are allowed.

token_type

string<enum>
An RFC 6750 token type.
Possible values: Bearer
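A client-side sketch of the request and response handling documented above, added here as an example and not Moov's own code. It sends the keys only in Authorization: Basic, requests an explicit scope list, and checks token_type, scope, expires_in and the 429 Retry-After header before returning the token. The environment variable names and the strict scope comparison are assumptions of this example.

```python
import base64
import json
import os
import time
import urllib.error
import urllib.request

TOKEN_URL = "https://api.moov.io/oauth2/token"  # endpoint shown on this page

class TokenError(Exception):
    """Token request failed, or the response is not what was asked for."""

class RateLimited(TokenError):
    """HTTP 429; args[0] holds the Retry-After value as a number."""

def build_token_request(public_key, private_key, scopes):
    # Keys travel only in Authorization: Basic; the JSON body carries no secret.
    basic = base64.b64encode(f"{public_key}:{private_key}".encode()).decode()
    body = {"grant_type": "client_credentials", "scope": " ".join(scopes)}
    return urllib.request.Request(
        TOKEN_URL, data=json.dumps(body).encode(), method="POST",
        headers={"Authorization": f"Basic {basic}", "Content-Type": "application/json"})

def parse_token_response(status, headers, raw, scopes, now=None):
    if status == 429:
        raise RateLimited(float(headers.get("Retry-After", 1)))
    doc = json.loads(raw or b"{}")
    if status != 200:
        raise TokenError(f"HTTP {status}: {doc.get('error', 'request rejected')}")
    if doc.get("token_type") != "Bearer":
        raise TokenError("unexpected token_type")
    granted = set(doc.get("scope", "").split())
    if granted != set(scopes):  # strict match is this example's policy (assumption)
        raise TokenError(f"granted scopes {sorted(granted)} differ from requested")
    if doc["expires_in"] <= (now or time.time()):  # page: a Unix timestamp
        raise TokenError("token is already expired")
    return doc["access_token"], doc["expires_in"]

def fetch_token(scopes):
    # MOOV_PUBLIC_KEY / MOOV_PRIVATE_KEY are assumed environment variable names.
    env = os.environ
    req = build_token_request(env["MOOV_PUBLIC_KEY"], env["MOOV_PRIVATE_KEY"], scopes)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return parse_token_response(resp.status, resp.headers, resp.read(), scopes)
    except urllib.error.HTTPError as err:
        return parse_token_response(err.code, err.headers, err.read(), scopes)
```

Callers can catch RateLimited and wait the indicated time before retrying; the returned access token should be kept out of logs and error messages.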