Create Access Token
Exchange API Client credentials for a short-lived access token used to authenticate all subsequent API calls.
Endpoint
http
POST /wlte/v1/auth/tokenPurpose
Issues an OpenAPI access token for a machine client.
This is not a user login endpoint. This endpoint does not require an Authorization request header.
Request
Full URL:
http
POST {baseUrl}/wlte/v1/auth/tokenRequest headers:
http
Content-Type: application/json
Accept: application/jsonRequest body:
json
{
"clientId": "cli_xxxxx",
"clientSecret": "sec_xxxxx"
}Field rules:
clientIdis required, must be a non-empty stringclientSecretis required, must be a non-empty string
Success Response
HTTP status:
text
200 OKResponse body:
json
{
"code": "SUCCESS",
"message": "OK",
"data": {
"accessToken": "eyJ...",
"tokenType": "Bearer",
"expiresIn": 3600
}
}Field rules:
accessTokenis a Bearer tokentokenTypeis alwaysBearerexpiresInis in seconds- The default access token lifetime is
3600seconds
Client handling:
- Clients should cache the access token until it is close to expiration
- Clients should request a new access token before
expiresInis reached - After receiving
401 AUTH_EXPIRED, clients may request a new access token and retry the failed request once
Response data Schema
| Field | Type | Required | Description |
|---|---|---|---|
accessToken | string | Yes | Bearer token used in subsequent requests |
tokenType | string | Yes | Always Bearer |
expiresIn | integer | Yes | Token lifetime in seconds |
Error Example
json
{
"code": "AUTH_INVALID",
"message": "invalid credentials"
}Error Responses
Possible responses:
400 INVALID_REQUEST401 AUTH_INVALID403 APP_DISABLED500 INTERNAL_ERROR
Notes:
- Missing
clientIdorclientSecretreturns400 INVALID_REQUEST - Invalid
clientIdorclientSecretreturns401 AUTH_INVALID - Disabled API clients return
403 APP_DISABLED
Rules
- This endpoint is for machine clients only, not user login
- Does not return
refreshToken - Does not return user profile data
- Request and response fields use camelCase
- This endpoint exchanges API client credentials directly for an access token