Skip to main content
POST
/
oauth
/
token
OAuth2 Token Endpoint
curl --request POST \
  --url {protocol}://{domain}/oauth/token \
  --header 'Content-Type: application/json' \
  --data '
{
  "client_id": "<string>",
  "code": "<string>",
  "redirect_uri": "<string>",
  "client_secret": "<string>",
  "code_verifier": "<string>",
  "refresh_token": "<string>"
}
'
{
  "access_token": "<string>",
  "expires_in": 123,
  "refresh_token": "<string>",
  "scope": "<string>"
}

Documentation Index

Fetch the complete documentation index at: https://docs.getcore.me/llms.txt

Use this file to discover all available pages before exploring further.

Body

grant_type
enum<string>
required
Available options:
authorization_code,
refresh_token
client_id
string
required

OAuth2 client ID

code
string

Authorization code (for authorization_code grant)

redirect_uri
string<uri>

Original redirect URI (for authorization_code grant)

client_secret
string

OAuth2 client secret (if not using PKCE)

code_verifier
string

PKCE code verifier (for PKCE flow)

refresh_token
string

Refresh token (for refresh_token grant)

Response

Token issued successfully

access_token
string

The access token

token_type
enum<string>
Available options:
Bearer
expires_in
integer

Access token lifetime in seconds

refresh_token
string

Refresh token (if applicable)

scope
string

Space-separated list of granted scopes