Skip to main content
POST
Request an access token

Authorizations

Authorization
string
header
required

Your client ID and client secret, sent as HTTP Basic credentials.

Body

application/x-www-form-urlencoded
grant_type
enum<string>
required

Must be client_credentials.

Available options:
client_credentials
scope
string
required

Space-delimited list of scopes to request. Required — there are no default scopes. Must be a subset of the scopes provisioned on your client.

Example:

"decisions:create"

audience
string
required

Space-delimited list of audiences — the service instances the token may call. Each audience is the instance name only, not its full hostname (for example, my-lovely-specter-42, not my-lovely-specter-42.eu1.on-hellgate.cloud). Required — there is no default audience. Must be within the audiences provisioned on your client. The target service validates the token's aud claim on each request.

Example:

"my-lovely-specter-42"

Response

The access token was issued.

access_token
string
required

The signed JWT to send as a bearer token on API requests.

token_type
string
required

Always bearer.

Example:

"bearer"

expires_in
integer
required

Seconds until the token expires. Tokens are valid for 30 minutes.

Example:

1800

scope
string

The scopes granted on the token.

Example:

"decisions:create"