Skip to main content
POST
Token

Body

application/json

The set of parameters required for the exchange of the code to an access token.

client_id
string
required

The unique ID of the OAuth client that makes the authorization request.

grant_type
enum<string>
required

The selected authorization grant type.

Available options:
code
redirect_uri
string
required

The application's redirect_uri for which the grant was requested.

code
string
required

The authorization code.

client_secret
string

The secret associated with the OAuth client that makes the request.

code_verifier
string

The authorization code verifier used to verify if the requester is a legitimate authorization code recipient.

Response

OK: Returns a new token.

Represents an OAuth 2 token with details about its scope, validity, and associated account.

access_token
string

The actual token string that is used for authorization in API requests.

account_id
string<uuid>

The unique identifier of the account for which the token has been issued.

client_id
string

The unique identifier of the OAuth client for which the token has been issued.

expires_in
integer<uint64>

Duration (in seconds) after which the token will expire.

organization_id
string<uuid>

The unique identifier of the organization for which the token has been issued.

refresh_token
string | null

An optional token that can be used to obtain a new access token once the current one expires. Not available for tokens minted with implicit grant flow.

scope
string

List of permissions granted to the token, separated by commas.

token_type
string

The type of the access token.