Skip to main content

Documentation Index

Fetch the complete documentation index at: https://auth0-feat-authentication-api-migration.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

POST /oauth/token This is the OAuth 2.0 grant that server processes use to access an API. Use this endpoint to directly request an access token by using the application’s credentials (a Client ID and a Client Secret).

Responses

200

A successful response will return an access token. 
{
  "access_token":"eyJz93a...k4laUWw",
  "token_type":"Bearer",
  "expires_in":86400
}

Learn More

Parameters

DPoP
string
A DPoP proof for the request. This is optional and only required if your application uses Demonstrating Proof-of-Possession.

Request Body

grant_type
string
required
Denotes the flow you are using. For Client Credentials use client_credentials.Allowed values: client_credentials
client_id
string
required
Your application’s Client ID.
client_secret
string
required
Your application’s Client Secret.
audience
string
required
The unique identifier of the target API you want to access.
resource
string
The identifier of the target API (resource server) you want to access. Must match an API Identifier registered in your Auth0 tenant. Used as an alternative to audience when the tenant’s Resource Parameter Compatibility Profile is set to compatibility.
organization
string
[Recommended]The organization or identifier with which you want the request to be associated. To learn more, read Machine-to-Machine Access for Organizations.

Response

StatusDescription
200Successful response