Create Access Token

curl -X POST \
  -H 'X-ClientId: ${client_id}' \
  -H 'Accept-Version: v4.0' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer ${access_token}' \
  https://api.thanxsandbox.com/partner/oauth/token \
  -d '{
    "merchant_id": "k2lye10h32l5wzo",
    "email": "[email protected]",
    "expires_in": 3600
  }'

{
  "access_token": "945148251b603ae34561d90acfe4050e67494d6d1e65d4d3d52798407f03c0bd",
  "token_type": "Bearer",
  "scope": "passwordless",
  "created_at": 1577836800,
  "expires_in": 3600
}

POST

partner

oauth

token

curl -X POST \
  -H 'X-ClientId: ${client_id}' \
  -H 'Accept-Version: v4.0' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer ${access_token}' \
  https://api.thanxsandbox.com/partner/oauth/token \
  -d '{
    "merchant_id": "k2lye10h32l5wzo",
    "email": "[email protected]",
    "expires_in": 3600
  }'

{
  "access_token": "945148251b603ae34561d90acfe4050e67494d6d1e65d4d3d52798407f03c0bd",
  "token_type": "Bearer",
  "scope": "passwordless",
  "created_at": 1577836800,
  "expires_in": 3600
}

Scope required: auth.create

This endpoint allows for the programmatic generation of an API access token for a given user. This access token can then be used with the Consumer API or the Loyalty API. Programmatic generation of access tokens on behalf of users is designed to support integration partners using custom authentication mechanisms. This allows for generation of access tokens that can be used with either the consumer or loyalty APIs depending on the integration use-case. This enables integration partners to have complete flexibility in their management of user authentication - using Thanx Auth, a self-hosted authentication implementation, or a third-party authentication provider.

Parameters

merchant_id

string

required

Merchant ID

user_id

string

Thanx User ID. One of user_id, email, or phone must be specified.

string

Email address. One of user_id, email, or phone must be specified.

phone

string

Email address. One of user_id, email, or phone must be specified.

expires_in

integer

The number of seconds after which this access token will expire. Defaults to no expiration for integrations that require long-lived access tokens. If your integration does not require long-lived access tokens, we highly recommend this value to be specified. The allowed values are between 60s and 3600s (1 hour).

Response

access_token

string

The user’s access token, for use in accessing the Consumer API

token_type

string

The type of token, “Bearer”

scope

string

The API scopes granted to the access token

created_at

integer

The number of seconds since the epoch

expires

integer

The number of seconds after which this access token will expire

curl -X POST \
  -H 'X-ClientId: ${client_id}' \
  -H 'Accept-Version: v4.0' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer ${access_token}' \
  https://api.thanxsandbox.com/partner/oauth/token \
  -d '{
    "merchant_id": "k2lye10h32l5wzo",
    "email": "[email protected]",
    "expires_in": 3600
  }'

{
  "access_token": "945148251b603ae34561d90acfe4050e67494d6d1e65d4d3d52798407f03c0bd",
  "token_type": "Bearer",
  "scope": "passwordless",
  "created_at": 1577836800,
  "expires_in": 3600
}

Get User Create Purchase

⌘I

Merchant & Partner API

Reference

Create Access Token

Parameters

Response

Merchant & Partner API

Reference

​Parameters

​Response

Parameters

Response