> ## Documentation Index
> Fetch the complete documentation index at: https://www.text.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Token

> This endpoint is used by confidential and public clients to exchange an authorization code for an access token.
Depending on the application type, the following parameters are required for `grant_type=code`:
* Confidental (private) client – `client_secret` is required
* Public client – matching `code_verifier` is required for `code_challenge` sent during the authentication request.

Refresh tokens issued for public clients are single-use only – a new refresh token is issued upon successful authorization.



## OpenAPI

````yaml /api/global-accounts/openapi.json post /token
openapi: 3.0.0
info:
  title: Global Accounts API
  description: >-
    API used to manage Organizations and Accounts for multiple products. Also
    responsible for authorization and authentication processes.
  version: 2.0.0
servers:
  - url: https://accounts.livechat.com/v2
    description: Main production server URL
security: []
paths:
  /token:
    post:
      tags:
        - Tokens
      summary: Token
      description: >-
        This endpoint is used by confidential and public clients to exchange an
        authorization code for an access token.

        Depending on the application type, the following parameters are required
        for `grant_type=code`:

        * Confidental (private) client – `client_secret` is required

        * Public client – matching `code_verifier` is required for
        `code_challenge` sent during the authentication request.


        Refresh tokens issued for public clients are single-use only – a new
        refresh token is issued upon successful authorization.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              oneOf:
                - title: Code Exchange
                  allOf:
                    - description: >-
                        The set of parameters required for the exchange of the
                        code to an access token.
                      type: object
                      required:
                        - client_id
                        - grant_type
                        - redirect_uri
                        - code
                      properties:
                        client_id:
                          description: >-
                            The unique ID of the OAuth client that makes the
                            authorization request.
                          type: string
                        grant_type:
                          description: The selected authorization grant type.
                          enum:
                            - code
                          type: string
                        redirect_uri:
                          description: >-
                            The application's `redirect_uri` for which the grant
                            was requested.
                          type: string
                        code:
                          description: The authorization code.
                          type: string
                        client_secret:
                          description: >-
                            The secret associated with the OAuth client that
                            makes the request.
                          type: string
                        code_verifier:
                          description: >-
                            The authorization code verifier used to verify if
                            the requester is a legitimate authorization code
                            recipient.
                          type: string
                - title: Refresh Token Exchange
                  allOf:
                    - description: >-
                        The set of parameters required for the exchange of a
                        refresh token to an access token.
                      type: object
                      required:
                        - refresh_token
                        - client_id
                        - client_secret
                        - grant_type
                      properties:
                        refresh_token:
                          description: The refresh token.
                          type: string
                        client_id:
                          description: >-
                            The unique ID of the OAuth client that makes the
                            authorization request.
                          type: string
                        client_secret:
                          description: >-
                            The secret associated with the OAuth client that
                            makes the request.
                          type: string
                        grant_type:
                          description: The selected authorization grant type.
                          enum:
                            - refresh_token
                          type: string
            example:
              grant_type: code
              client_id: 0805e283233042b37f460ed8fbf22160
              client_secret: secret
              redirect_uri: https://my.app.com/callback
              code: us-south1:test_tW5tQ-yBR2iQgGM6rWbz3w
      responses:
        '200':
          description: 'OK: Returns a new token.'
          content:
            application/json:
              schema:
                description: >-
                  Represents an OAuth 2 token with details about its scope,
                  validity, and associated account.
                type: object
                properties:
                  access_token:
                    type: string
                    description: >-
                      The actual token string that is used for authorization in
                      API requests.
                  account_id:
                    type: string
                    format: uuid
                    description: >-
                      The unique identifier of the account for which the token
                      has been issued.
                  client_id:
                    type: string
                    description: >-
                      The unique identifier of the OAuth client for which the
                      token has been issued.
                  expires_in:
                    type: integer
                    format: uint64
                    description: Duration (in seconds) after which the token will expire.
                  organization_id:
                    type: string
                    format: uuid
                    description: >-
                      The unique identifier of the organization for which the
                      token has been issued.
                  refresh_token:
                    type: string
                    description: >-
                      An optional token that can be used to obtain a new access
                      token once the current one expires. Not available for
                      tokens minted with implicit grant flow.
                    nullable: true
                  scope:
                    type: string
                    description: >-
                      List of permissions granted to the token, separated by
                      commas.
                  token_type:
                    type: string
                    description: The type of the access token.
              example:
                access_token: >-
                  us-south1:test_tW5tQ-yBR2iQgGM6rWbz3w.lfVHLsxoJnrNJZ7JFZkYFwTEr2g-d3nPvt
                account_id: 496a94f2-cbbf-444e-a3cb-305b9f5f8cbb
                client_id: 0805e283233042b37f460ed8fbf22160
                expires_in: 28800
                organization_id: b2185556-634c-4ecf-b4c9-bcf8b65bc853
                refresh_token: null
                scope: accounts--my:rw accounts--all:ro
                token_type: Bearer
        '401':
          description: >-
            Client isn't authorized to request a token using this method or the
            provided parameters are invalid.
          content:
            application/json:
              schema:
                allOf:
                  - description: The default error object.
                    type: object
                    properties:
                      error:
                        description: The error code.
                        type: string
                        enum:
                          - bad_request
                          - invalid_request
                          - unauthorized_client
                          - unauthorized
                          - access_denied
                          - unsupported_response_type
                          - invalid_scope
                          - server_error
                          - temporarily_unavailable
                          - unsupported_grant_type
                          - invalid_grant
                          - invalid_client
                          - conflict
                          - resource_not_found
                          - join_link_expired
                          - traffic_blocked
                          - not_implemented
                      error_description:
                        type: string
                      sub_error:
                        description: The error subcode.
                        type: string
                        nullable: true
                      request_id:
                        description: Unique request identifier.
                        type: string
                        format: uuid
                  - type: object
                    properties:
                      error:
                        type: string
                      error_description:
                        type: string
              example:
                error: unauthorized
                error_description: The account is not authorized.
                request_id: 5903c51b-89f0-41a9-a25d-4f39af100353
        '403':
          description: >-
            Request not authorized. Resource owner could unauthorize request;
            wrong or unsupported `grant_type` provided; wrong `scope` provided.
          content:
            application/json:
              schema:
                allOf:
                  - description: The default error object.
                    type: object
                    properties:
                      error:
                        description: The error code.
                        type: string
                        enum:
                          - bad_request
                          - invalid_request
                          - unauthorized_client
                          - unauthorized
                          - access_denied
                          - unsupported_response_type
                          - invalid_scope
                          - server_error
                          - temporarily_unavailable
                          - unsupported_grant_type
                          - invalid_grant
                          - invalid_client
                          - conflict
                          - resource_not_found
                          - join_link_expired
                          - traffic_blocked
                          - not_implemented
                      error_description:
                        type: string
                      sub_error:
                        description: The error subcode.
                        type: string
                        nullable: true
                      request_id:
                        description: Unique request identifier.
                        type: string
                        format: uuid
                  - type: object
                    properties:
                      error:
                        type: string
                      sub_error:
                        type: string
                      error_description:
                        type: string
              example:
                error: access_denied
                sub_error: insufficient_scope
                error_description: The resource owner or authorization server denied the request.
                request_id: 5903c51b-89f0-41a9-a25d-4f39af100353
        '422':
          description: Invalid request, missing required parameters
          content:
            application/json:
              schema:
                allOf:
                  - description: The default error object.
                    type: object
                    properties:
                      error:
                        description: The error code.
                        type: string
                        enum:
                          - bad_request
                          - invalid_request
                          - unauthorized_client
                          - unauthorized
                          - access_denied
                          - unsupported_response_type
                          - invalid_scope
                          - server_error
                          - temporarily_unavailable
                          - unsupported_grant_type
                          - invalid_grant
                          - invalid_client
                          - conflict
                          - resource_not_found
                          - join_link_expired
                          - traffic_blocked
                          - not_implemented
                      error_description:
                        type: string
                      sub_error:
                        description: The error subcode.
                        type: string
                        nullable: true
                      request_id:
                        description: Unique request identifier.
                        type: string
                        format: uuid
                  - type: object
                    properties:
                      error:
                        type: string
                      error_description:
                        type: string
                      invalid_fields:
                        type: object
                        additionalProperties:
                          type: string
              example:
                error: invalid_request
                error_description: >-
                  The request is missing a required parameter, includes an
                  invalid parameter value, includes a parameter more than once,
                  or is otherwise malformed.
                invalid_fields:
                  email: invalid email address
                request_id: 5903c51b-89f0-41a9-a25d-4f39af100353
        '429':
          description: >-
            Temporarily unavailable. The server cannot currently handle the
            request.
          content:
            application/json:
              schema:
                allOf:
                  - description: The default error object.
                    type: object
                    properties:
                      error:
                        description: The error code.
                        type: string
                        enum:
                          - bad_request
                          - invalid_request
                          - unauthorized_client
                          - unauthorized
                          - access_denied
                          - unsupported_response_type
                          - invalid_scope
                          - server_error
                          - temporarily_unavailable
                          - unsupported_grant_type
                          - invalid_grant
                          - invalid_client
                          - conflict
                          - resource_not_found
                          - join_link_expired
                          - traffic_blocked
                          - not_implemented
                      error_description:
                        type: string
                      sub_error:
                        description: The error subcode.
                        type: string
                        nullable: true
                      request_id:
                        description: Unique request identifier.
                        type: string
                        format: uuid
                  - type: object
                    properties:
                      error:
                        type: string
                      error_description:
                        type: string
              example:
                error: temporarily_unavailable
                error_description: >-
                  The server is currently unable to handle the request due to a
                  temporary overloading or maintenance of the server.
                request_id: 5903c51b-89f0-41a9-a25d-4f39af100353
        '500':
          description: Server Error.
          content:
            application/json:
              schema:
                allOf:
                  - description: The default error object.
                    type: object
                    properties:
                      error:
                        description: The error code.
                        type: string
                        enum:
                          - bad_request
                          - invalid_request
                          - unauthorized_client
                          - unauthorized
                          - access_denied
                          - unsupported_response_type
                          - invalid_scope
                          - server_error
                          - temporarily_unavailable
                          - unsupported_grant_type
                          - invalid_grant
                          - invalid_client
                          - conflict
                          - resource_not_found
                          - join_link_expired
                          - traffic_blocked
                          - not_implemented
                      error_description:
                        type: string
                      sub_error:
                        description: The error subcode.
                        type: string
                        nullable: true
                      request_id:
                        description: Unique request identifier.
                        type: string
                        format: uuid
                  - type: object
                    properties:
                      error:
                        type: string
                      error_description:
                        type: string
              example:
                error: server_error
                error_description: >-
                  The server encountered an unexpected condition that prevented
                  it from fulfilling the request.
                request_id: 5903c51b-89f0-41a9-a25d-4f39af100353

````