Grant authentication token

Retrieve a JWT-compliant access token for use with all other endpoints.


All tokens currently expire after 24 hours (86,400 seconds), but we suggest refreshing tokens every 12 hours (43,200 seconds).

Here's an example of using the returned token in an API call:

curl \
  --url "" \
  --oauth2-bearer "eyJhbGciOiJ...2hUye_4CpIvQ"

See our guide on using API credentials for more details.

This endpoint is OAuth 2.0-compliant. A successful response from this endpoint adheres to the structure given in RFC 6749, section 5.1, while a failed response adheres to the structure given in section 5.2. As a consequence, you can use this endpoint in OAuth 2.0 clients and libraries without needing to explicitly call it in your own code.