API Reference

Get An Access Token

post
https://api.sandbox.usebasis.co/oauth/token

Implements the /token endpoint as defined in OAuth2.1.

Authentication

This endpoint uses Basic authentication. Base64 encode your client_id and client_secret, separated by a colon (:), and include it in the Authorization header of your request.

Authorization: Basic Base64(client_id:client_secret)

Grant Types

  • When exchanging an authorization code for an access_token and refresh_token upon completion of an OAuth flow (e.g. User has authorized your Client to access their Profile), use the authorization_code grant type.
  • When acquiring an access_token with your client_id and client_secret, use the client_credentials grant type. The acceptable scopes are institutions:read and profiles:read.
  • When acquiring a new access_token for a specific profile using a refresh_token, use the refresh_token grant type. The only acceptable scope is profile:read.
Form Data
string
required

authorization_code - requires code and code_verifier parameters
client_credentials - requires scope parameter
refresh_token - requires refresh_token parameter

The authorization code that was returned in the OAuth redirect URI. Required for the authorization_code grant type.

The code verifier that was used to generate the authorization challenge. Required for the authorization_code grant type.

Used to request an access_token scoped to a specific profile. Required for the refresh_token grant type.

A space-delimited list of scopes.

Responses

Updated almost 2 years ago

Language
Credentials
Basic
base64
:
URL
Response 
Click Try It! to start a request and see the response here! Or choose an example:
application/json
Updated almost 2 years ago