Get Access Token

In this guide you will learn how to obtain an access token using an API Token. This short lived access token must be included in every request to our APIs and services. Therefore it is essential to understand how to obtain it.

Prerequisites

Make sure to have your API Token ready.
Learn in the previous guide how to create an App & API Token.

Beside the API Token, you need to know the App Id of your App. You can find the id in the App detail page in the Console.

Request Access Token

To obtain an access token, you need to send a POST request to the token endpoint.

A detailed description of the endpoint can be found in the API Reference.

Request

POST /api/token/v1/tokens/access-token

{
    "client_id": string,
    "grant_type": "refresh_token",
    "refresh_token": string,
    "scope": "openid"
}

client_id - The Id of the App the API Token is issued for.
grant_type - Specify the grant_type refresh_token for this request.
refresh_token - The API token you want to use to obtain a new access token.
scope - Specify openid as access permissions scope.

Response

Upon successful authentication and token validation, a new access token is returned in the response body:

{
  "access_token": string
}

access_token - The access token you can use to access M-Trust APIs and services.

Persist the access token in memory. It is valid for a short period of time and must be included in every request to our APIs and services.

Request Access Token​

Request​

Response​

Request Access Token

Request

Response