Get the access token.

post https://{tenanturl}/oauth2/token

Use this API to get the OIDC tokens by using the client credentials. For API clients, the returned access tokens can be used to access the APIs that the API client has been granted access to.

Form Data

grant_type

string

required

The grant type.

scope

string

required

Defaults to openid

A space-delimited list of scopes that are associated with this token.

code

string

The authorization code. It is only required for "authorization_code" grant types.

code_verifier

string

The code verifier. This is used to verify the code challenge that was sent at the authorize endpoint. Required if the OIDC client is configured to require proof key for code exchange (PKCE)

redirect_uri

string

The redirect URI. It is only required for "authorization_code" grant types.

refresh_token

string

The refresh token. It is only required for "refresh_token" grant types.

client_id

string

The client ID that is required when the basic authorization header is not set.

client_secret

string

The client secret that is required when the basic authorization header is not set and the client is not a public client.

client_assertion

string

The JWT assertion being used to authenticate the client.

client_assertion_type

string

The format of client assertion.

Headers

Authorization

string

The basic authorization header that contains a base64-encoded client ID and the client secret. Use this header as an alternative to sending the client ID and secret in the form parameters.

Responses

404

The resource was not found.

Language

URL


xxxxxxxxxx
1
curl --request POST \
2
     --url https://tenant_url/oauth2/token \
3
     --header 'accept: application/json' \
4
     --header 'content-type: application/x-www-form-urlencoded' \
5
     --data grant_type=client_credentials \
6
     --data scope=openid

Choose an example:

application/json

200The access token was returned.

400The request was invalid.

500An internal server error occurred.