Exchange client credentials for access token
POST
/oauth2/token
const url = 'https://example.com/oauth2/token';const options = { method: 'POST', headers: {'Content-Type': 'application/x-www-form-urlencoded'}, body: new URLSearchParams({ client_id: 'my-service-account', client_secret: 'secret-value', grant_type: 'client_credentials' })};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example.com/oauth2/token \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data client_id=my-service-account \ --data client_secret=secret-value \ --data grant_type=client_credentialsAuthenticates a service account using OAuth2 client credentials grant and returns a JWT access token valid for 1 hour.
Request Body
Section titled “Request Body”Media typeapplication/x-www-form-urlencoded
object
client_id
required
Service account ID
string
Example
my-service-accountclient_secret
required
Service account secret
string
Example
secret-valuegrant_type
required
OAuth2 grant type (only ‘client_credentials’ supported)
string
Example
client_credentialsResponses
Section titled “Responses”Authentication successful
Media typeapplication/json
object
access_token
required
JWT access token
string
expires_in
required
Token validity in seconds
number
token_type
required
Token type
string
Example
{ "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "expires_in": 3600, "token_type": "Bearer"}Unsupported grant type
Media typeapplication/json
object
error
required
Error message
string
Example
{ "error": "invalid_client"}Invalid client credentials
Media typeapplication/json
object
error
required
Error message
string
Example
{ "error": "invalid_client"}