The token endpoint is used by the client to obtain an access token by
presenting its authorization grant or refresh token. The token
endpoint is used with every authorization grant except for the
implicit grant type (since an access token is issued directly).

Log in to see full request history
timestatususer agent
Retrieving recent requests…
LoadingLoading…
Form Data
string
required

Grant type string that the client can use at the token endpoint

string

The authorization code received from OIDC Provider.
Required when doing authorization_code flow.

string

Code verifier used as proof for code exchange.
It is used in authorization_code flow when code_challenge and code_challenge_method
are included in the authorization request.

string

Redirection URI having the same value as it was included in the authorization request.
It is only used in authorization_code flow.

string

The resource owner username. Required for resource owner password credentials (ROPC) flow.

string

The resource owner password. Required for resource owner password credentials (ROPC) flow.

string

The refresh token issued to the client. Required for refresh token flow.

string

A unique identifier to identify the authentication request made by the backchannel Client.
This is required for client initiated backchannel authentication (CIBA) flow.

string

Space-delimited string indicating the scope associated with access request.

string

OAuth2.0 client identifier. Required when the client authentication method is using
"client_secret_post" or "tls_client_auth". It is optional when using "private_key_jwt"
client authentication; when specified it MUST match the "client_assertion" subject.

string

OAuth2.0 client secret. May be specified when using "client_secret_post" client
authentication method.

string

The "private_key_jwt" assertion being used to authenticate the client.

string

Type of the client assertion.

Headers
string

MTLS Client Certificate

Responses

Language
Credentials
:
URL
Click Try It! to start a request and see the response here! Or choose an example:
application/json