POST
/
partner
/
oauth
/
token
curl -X POST \
  $AUTH_HEADERS \
  https://api.thanxsandbox.com/partner/oauth/token \
  -d '{
    "merchant_id": "k2lye10h32l5wzo",
    "email": "example@example.com",
    "expires_in": 3600
  }'
{
  "access_token": "945148251b603ae34561d90acfe4050e67494d6d1e65d4d3d52798407f03c0bd",
  "token_type": "Bearer",
  "scope": "passwordless",
  "created_at": 1577836800,
  "expires_in": 3600
}
Scope required: auth.create
This endpoint allows for the programmatic generation of an API access token for a given user. This access token can then be used with the Consumer API or the Loyalty API. Programmatic generation of access tokens on behalf of users is designed to support integration partners using custom authentication mechanisms. This allows for generation of access tokens that can be used with either the consumer or loyalty APIs depending on the integration use-case. This enables integration partners to have complete flexibility in their management of user authentication - using Thanx Auth, a self-hosted authentication implementation, or a third-party authentication provider.

Parameters

merchant_id
string
required
Merchant ID
user_id
string
Thanx User ID. One of user_id, email, or phone must be specified.
email
string
Email address. One of user_id, email, or phone must be specified.
phone
string
Email address. One of user_id, email, or phone must be specified.
expires_in
integer
The number of seconds after which this access token will expire. Defaults to no expiration for integrations that require long-lived access tokens. If your integration does not require long-lived access tokens, we highly recommend this value to be specified. The allowed values are between 60s and 3600s (1 hour).

Response

access_token
string
The user’s access token, for use in accessing the Consumer API
token_type
string
The type of token, “Bearer”
scope
string
The API scopes granted to the access token
created_at
integer
The number of seconds since the epoch
expires
integer
The number of seconds after which this access token will expire
curl -X POST \
  $AUTH_HEADERS \
  https://api.thanxsandbox.com/partner/oauth/token \
  -d '{
    "merchant_id": "k2lye10h32l5wzo",
    "email": "example@example.com",
    "expires_in": 3600
  }'
{
  "access_token": "945148251b603ae34561d90acfe4050e67494d6d1e65d4d3d52798407f03c0bd",
  "token_type": "Bearer",
  "scope": "passwordless",
  "created_at": 1577836800,
  "expires_in": 3600
}