POST
/
oauth
/
token
curl https://api.thanxsandbox.com/oauth/token \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "authorization_code",
    "client_id": "${client_id}",
    "client_secret": "${client_secret}",
    "code": "${code}",
    "redirect_uri": "https://www.example.com/oauth/callback"
  }'
{
  "token_type": "Bearer",
  "scope": "passwordless",
  "created_at": 1577836800,
  "access_token": "945148251b603ae34561d90acfe4050e67494d6d1e65d4d3d52798407f03c0bd",
  "refresh_token": "c74334301a7c74d21b714c905fd3047177dab56de6a86899e6f6b7f71bab7d55"
}
This same endpoint supports refreshing an access token using the client_id, client_secret, and refresh_token, with grant_type set to refresh_token.

Parameters

grant_type
string
required
authorization_code is the required value
client_id
string
required
OAuth Client ID
client_secret
string
required
OAuth Client Secret
code
string
required
The authorization code received from Thanx via redirect or API
redirect_uri
string
required
The same redirect_uri should be used as in the request for the authorization code

Response

token_type
string
The type of token, usually “Bearer”
scope
string
This will be ‘passwordless’
created_at
integer
The number of seconds since the epoch
access_token
string
The user’s access token, for use in accessing other API endpoints
refresh_token
string
If needed, a refresh token to get another access token
curl https://api.thanxsandbox.com/oauth/token \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "authorization_code",
    "client_id": "${client_id}",
    "client_secret": "${client_secret}",
    "code": "${code}",
    "redirect_uri": "https://www.example.com/oauth/callback"
  }'
{
  "token_type": "Bearer",
  "scope": "passwordless",
  "created_at": 1577836800,
  "access_token": "945148251b603ae34561d90acfe4050e67494d6d1e65d4d3d52798407f03c0bd",
  "refresh_token": "c74334301a7c74d21b714c905fd3047177dab56de6a86899e6f6b7f71bab7d55"
}