Skip to main content
Every API call requires an Access Token to identify the authenticated user. For security purposes, Access Tokens expire after 60 minutes. If you are using , use the provided to obtain a new Access Token. If you are using server authentication, or , make an API call to the to request a new Access Token.

OAuth 2.0

If your application leverages for authentication, you can follow the steps below to obtain a token pair via .
OAuth2.0 token request
  • The grant_type will always be authorization_code.
  • The client_id and client_secret values can be obtained from the Configuration tab for your application in the Developer Console.
To obtain the value for code, build and visit your in your browser. Complete the OAuth 2.0 flow and, upon redirecting to your configured redirect URL, the authorization code will be at the end of the URL. As a reminder, this authorization code is only valid for 30 seconds. This means you must enter it to the designated field in Postman and click Send before it expires. Therefore, we recommend entering the other values so the API call is ready to send as soon as you get the code.
OAuth2.0 token request