Generate OAuth access token
OAuth
Generate OAuth Access Token
🔓 PUBLIC ENDPOINT: Generates an OAuth2 access token using client credentials flow. Requires valid client_id and client_secret. Token scopes are validated against application configuration. Rate limit: 10 requests per minute.
POST
Generate OAuth access token
Generates an OAuth2 access token using client credentials flow.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
clientId | string | Yes | Client ID of the OAuth application |
clientSecret | string | Yes | Client secret of the OAuth application |
scopes | array | Yes | OAuth scopes requested |
userId | string | No | User ID for user-specific tokens |
Example Request
Example Response
Token Scopes
Token scopes are validated against the OAuth application configuration. Only scopes configured for the application can be requested.Using the Token
Include the access token in API requests:Token Expiry
Access tokens expire after 1 hour (3600 seconds). Use the refresh token endpoint to get a new token.Common Errors
400 Bad Request
Invalid request. Check required fields: client_id, client_secret, scopes.401 Unauthorized
Invalid client credentials. Check client_id and client_secret.429 Too Many Requests
Rate limit exceeded. Maximum 10 requests per minute for token generation.Body
application/json
Client ID of the OAuth application
Example:
"app_1234567890abcdef"
Client secret of the OAuth application
Example:
"cs_1234567890abcdef"
OAuth scopes requested
Example:
["read:organization"]User ID for user-specific tokens
Example:
"550e8400-e29b-41d4-a716-446655440000"
Response
Access token generated successfully. Returns token, type (Bearer), expiration time, and granted scopes.