Create a Token
This page explains how to request an authentication token in our system.
Request a Token
To authenticate with our API, you need to request an access token using your credentials. Below is an example of how to do this using cURL:
curl --request POST \
--url \{\{baseUrl\}\}/v2/oauth/token \
--header 'Content-Type: application/json' \
--header 'User-Agent: insomnia/10.3.1' \
--data '{
"client_id": "c1a9beda-b14c-4eb5-b880-113023e6fc2d",
"client_secret": "01JNVVQ1X3XYRJYX4BJ7Y2QM9K",
"grant_type": "password",
"username": "uber@apex.com",
"password": "Apex1234!"
}'
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
client_id | string | Yes | Your application's client ID |
client_secret | string | Yes | Your application's client secret |
grant_type | string | Yes | Must be set to "password" for this flow |
username | string | Yes | User's email address |
password | string | Yes | User's password |
Response
Upon successful authentication, the server will respond with a JSON object containing the access token and related information:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ8.",
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.",
"expires_in": 1741604226,
"token_type": "Bearer",
"scope": "public",
"created_at": 1741603326
}
Response Fields
| Field | Type | Description |
|---|---|---|
access_token | string | JWT token to be used for authenticated API requests |
refresh_token | string | Token that can be used to obtain a new access token |
expires_in | number | Token expiration timestamp |
token_type | string | Type of token, always "Bearer" |
scope | string | Permissions granted to this token |
created_at | number | Token creation timestamp |
Using the Token
For subsequent API requests, include the access token in the Authorization header:
curl --request GET \
--url https://api.example.com/resource \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ8.'
Grant Types
| Grant Type | Required Parameters | Description |
|---|---|---|
password | username - password - client_id - client_secret | Authenticates using username and password. Used when obtaining a token for the first time. |
refresh_token | refresh_token - client_id - client_secret | Obtains a new access token using an existing refresh token. Used when the access token has expired. |