Gets a token based on grant type.

  • Client invokes this endpoint to exchange the access code for an access token by passing the full redirect URI in the redirect_uri parameter using form serialization.
  • The access code is specified in the URI's code query parameter and the grant_type is set to authorization_code
  • The response params will vary depending upon the grant_type
  • See the OAuth2 spec

Flow Types Grant_Type OAuth App(response) OIDC App(response) Remarks (only for OIDC)
Resource Owner Password Grant password access token NA
Client Credentials client_credentials access token NA
Authorization code flow code / authorization_code access token "access token , id_token" Scope openid is mandatory
Authorization Code with PKCE code / authorization_code access token "access token, id_token" Scope openid is mandatory
refresh_token access token id_token Scope openid is mandatory
Click Try It! to start a request and see the response here!