Oauth token endpoint

POST /v2/oauth/token

Oauth token endpoint to generate access token

Request

Header Parameters

Authorization string

Required for confidential application, JWT bearer token for jwt-bearer grant or basic token for other grant_type

application/x-www-form-urlencoded

Body

grant_type stringrequired

Possible values: [authorization_code, refresh_token, client_credentials, urn:ietf:params:oauth:grant-type:jwt-bearer]

assertion string

Required if grant_type is JWT Bearer Grant

scope string

Scopes that will be granted to JWT, space delimited, default to client application's configured scopes

tenant_connection_code string

Use with jwt-bearer or client_credentials, tenant connection code that client application wants to access, default to application's tenant if not specified

refresh_token string

Refresh token that will be used with grant type refresh_token

code string

Authorization code, required for authorization_code grant type

redirect_uri string

Redirect uri used in authorization code flow, required for authorization_code and refresh_token grant type

code_verifier string

Code verifier needed for Authorization Code Flow with PKCE

client_id string

Client id is needed for public application (SPA, mobile app) if authorization header was not used

Responses

application/json

Schema
Example (from schema)

Schema

access_token string

refresh_token string

Refresh token will be returned or not depends on grant_type

token_type string

Access token type (Bearer)

scopes string[]

The scopes that the token has

expires_in int64

Token expires time in seconds

{
  "access_token": "string",
  "refresh_token": "string",
  "token_type": "string",
  "scopes": [
    "string"
  ],
  "expires_in": 0
}

Oauth token endpoint

/v2/oauth/token

Request​

Header Parameters

Body

Responses​

Request

Responses