Get access or refresh token
Last updated
Last updated
Required scopes: No scopes required.
Requests the OAuth access token. Specify the grant_type as authorization_code, the client_id, and the client_secret in the request body. If you are using the PKCE authentication, you also need to send the code_verifier result.
If you want to request the refresh_token, set the grant_type to refresh_token instead.
If you requested the openid scope in the GET /authorize endpoint, then the response contains the id_token as well.
/token
Specifies the authorization_code you received from the API call GET /authorize. This parameter is required if you set the grant_type to authorization_code.
authorization-codeSets the URI where you want to redirect the client after they receive authorization data. This parameter is required if you set the grant_type to authorization_code.
https://your-redirect-uri.comProvides the code_verifier data for the PKCE authentication. This parameter is required if you set the grant_type to authorization_code.
code-verifierThe client_id and client_secret pair identify the client for the OAuth authorization.
123The client_id and client_secret pair identify the client for the OAuth authorization.
your-client-secretSpecifies the former refresh_token to get a new refresh_token. This parameter is required if you set the grant_type to refresh_token.
your-refresh-tokenSets the type of the authorization data you want to receive.
authorization_code