Generate tokens¶
POST
https://api.mollie.com/oauth2/tokens
Authentication: OAuth client credentials
Exchange the auth code received at the Authorize endpoint for an actual app access token, with which you can communicate with the Mollie API.
Parameters¶
grant_type
stringrequiredIf you wish to exchange your auth code for an app access token, use grant type authorization_code
. If you wish to
renew your app access token with your refresh token, use grant type refresh_token
.
Possible values: authorization_code
refresh_token
code
stringoptionalauthorization_code
.refresh_token
stringoptionalrefresh_token
.redirect_uri
stringoptionalThe URL the merchant is sent back to once the request has been authorized. It must match the URL you set when registering your app.
Note
When refreshing a token, this parameter is required if the initial authorization_code
grant request
contained a redirect_uri
.
Response¶
200
application/json; charset=utf-8
access_token
stringrefresh_token
stringexpires_in
integertoken_type
stringAs per OAuth standards, the provided app access token can only be used with bearer authentication.
Possible values: bearer
scope
stringExample¶
Initial request¶
1 2 | curl -u app_j9Pakf56Ajta6Y65AkdTtAv:S5lTvMDTjl95HGnwYmsszDtbMp8QBE2lLcRJbD7I https://api.mollie.com/oauth2/tokens \ -d "grant_type=authorization_code&code=auth_IbyEKUrXmGW1J8hPg6Ciyo4aaU6OAu" |
Initial response¶
1 2 3 4 5 6 7 8 9 10 | HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 { "access_token": "access_46EUJ6x8jFJZZeAvhNH4JVey6qVpqR", "refresh_token": "refresh_FS4xc3Mgci2xQ5s5DzaLXh3HhaTZOP", "expires_in": 3600, "token_type": "bearer", "scope": "payments.read organizations.read" } |
Now that we have a refresh token, we should renew the app access token before its expiry date as follows:
Refresh request¶
1 2 | curl -u app_j9Pakf56Ajta6Y65AkdTtAv:S5lTvMDTjl95HGnwYmsszDtbMp8QBE2lLcRJbD7I https://api.mollie.com/oauth2/tokens \ -d "grant_type=refresh_token&refresh_token=refresh_FS4xc3Mgci2xQ5s5DzaLXh3HhaTZOP" |
Refresh response¶
1 2 3 4 5 6 7 8 9 10 | HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 { "access_token": "access_TRbHbeB3my8XywBAdT6HRkGAJMuh4", "refresh_token": "refresh_FS4xc3Mgci2xQ5s5DzaLXh3HhaTZOP", "expires_in": 3600, "token_type": "bearer", "scope": "payments.read organizations.read" } |