Obtain an access token

POST 
/oauth/token

This endpoint is used to obtain access token using client credentials grant only, for machine-to-machine (M2M) authentication.

It does not support user-based grants. For user authentication, obtain tokens from one DataWollet's user-based Identity Providers (IDPs). Bearer tokens from these IDPs are also accepted by this API.

This endpoint will accept client credentials using three different formats for convenience:

1. HTTP Basic Auth: Authorization: Basic base64(client_id:client_secret)
2. Form-encoded body: client_id and client_secret in application/x-www-form-urlencoded payload
3. JSON body: client_id and client_secret in application/json payload

Request

Responses

200

Access token issued successfully

400

Bad Request - Invalid grant_type or missing credentials

401

Unauthorized - Client authentication failed

500

Internal Server Error