light-mode-image
Learn
MATTR VII PlatformIssuance

Exchange authorization code for access token

This endpoint is used to exchange an authorization code or a pre-authorized code for an access token, which is later used to request a credential.

  • In an Authorization Code flow the authorization code is obtained from the authorization endpoint after the user has successfully authenticated.
  • In a Pre-authorized Code flow the pre-authorized code is obtained from the offer URI.

See https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-token-endpoint for more information.

Analytics Events

OPENID_TOKEN_STARTOPENID_TOKEN_SUCCESSOPENID_TOKEN_FAIL
POST/v1/oauth/token
client_idstring

The client identifier.

grant_typestring

The grant type, which must be 'authorization_code'.

Value in"authorization_code"
redirect_uristring

The redirect URI that was used in the authorization request.

codestring

The authorization code obtained from the authorization endpoint.

code_verifierstring

SHA256 hash of the code_challenge in the authorization request.

grant_typestring

The grant type, which must be 'urn:ietf:params:oauth:grant-type:pre-authorized_code'.

Value in"urn:ietf:params:oauth:grant-type:pre-authorized_code"
pre-authorized_codestring

The pre-authorized code obtained from the pre-authorized offer URI

tx_code?string

The transaction code obtained from the pre-authorized offer URI.

Response Body

curl -X POST "https://example.vii.au01.mattr.global/v1/oauth/token" \  -H "Content-Type: application/x-www-form-urlencoded" \  -d 'client_id=string&grant_type=authorization_code&redirect_uri=string&code=string&code_verifier=string'
{
  "access_token": "string",
  "token_type": "Bearer",
  "expires_in": 0,
  "scope": "string"
}
{
  "code": "string",
  "message": "string",
  "details": [
    {
      "value": "string",
      "msg": "Invalid value",
      "param": "id",
      "location": "body"
    }
  ]
}
"Unauthorized"
Empty
Empty

How would you rate this page?