Skip to main content
POST
/
v5
/
auth
/
token
Retrieve access token
curl --request POST \
  --url https://sandbox.hurdlr.com/rest/v5/auth/token \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data client_id= \
  --data client_secret= \
  --data grant_type= \
  --data refresh_token= \
  --data code= \
  --data userId=
{
  "access_token": "00f6b2b68eb9459eab681d19aa86c6154e225068f3074d1d9b639316d5380a4c.91d620872c3b438ba33f4baaca124624",
  "refresh_token": "7369c0ee82194721ac6f633ec16206f348680736e80e4aacb85d4fbce0ee9669.56b43c61141541dc858dd8613959389a",
  "expires_in": 7776000,
  "created_at": 1599065168,
  "scope": "token"
}

Documentation Index

Fetch the complete documentation index at: https://docs.tight.com/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/x-www-form-urlencoded
client_id
string
default:""
required

The client_id of the OAuth 2.0 consumer

client_secret
string
default:""
required

The client_id of the OAuth 2.0 consumer

grant_type
enum<string>
default:""
required

The OAuth 2.0 grant_type. For refreshing an access_token, use 'refresh_token'. For exchanging an authorization code, use 'authorization_code'. And for obtaining an access_token with your userId, use 'client_credentials'

Available options:
refresh_token,
authorization_code,
client_credentials
refresh_token
string
default:""

The refresh_token of the OAuth 2.0 access_token; required if grant_type is 'refresh_token'

code
string
default:""

The authorization code, obtained by having the user login to the oauth 'authorize' website; required if grant_type is 'authorization_code'

userId
string
default:""

Id of the user in your DB; required if grant_type is 'client_credentials'

Response

200 - application/json

Successful operation

access_token
string
Example:

"00f6b2b68eb9459eab681d19aa86c6154e225068f3074d1d9b639316d5380a4c.91d620872c3b438ba33f4baaca124624"

refresh_token
string
Example:

"7369c0ee82194721ac6f633ec16206f348680736e80e4aacb85d4fbce0ee9669.56b43c61141541dc858dd8613959389a"

expires_in
integer<int32>
Example:

7776000

created_at
integer<int64>
Example:

1599065168

scope
string
Example:

"token"