Exchange authorization code for access token
This endpoint is used to exchange an authorization code or a pre-authorized code for an access token, which is later used to request a credential.
- In an Authorization Code flow the authorization code is obtained from the authorization endpoint after the user has successfully authenticated.
- In a Pre-authorized Code flow the pre-authorized code is obtained from the offer URI.
See https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-token-endpoint for more information.
Analytics Events
/v1/oauth/token
The client identifier.
The grant type, which must be 'authorization_code'.
"authorization_code"
The redirect URI that was used in the authorization request.
The authorization code obtained from the authorization endpoint.
SHA256 hash of the code_challenge
in the authorization request.
The grant type, which must be 'urn:ietf:params:oauth:grant-type:pre-authorized_code'.
"urn:ietf:params:oauth:grant-type:pre-authorized_code"
The pre-authorized code obtained from the pre-authorized offer URI
The transaction code obtained from the pre-authorized offer URI.
Response Body
curl -X POST "https://example.vii.au01.mattr.global/v1/oauth/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d 'client_id=string&grant_type=authorization_code&redirect_uri=string&code=string&code_verifier=string'
{
"access_token": "string",
"token_type": "Bearer",
"expires_in": 0,
"scope": "string"
}
{
"code": "string",
"message": "string",
"details": [
{
"value": "string",
"msg": "Invalid value",
"param": "id",
"location": "body"
}
]
}
"Unauthorized"
How would you rate this page?