These docs are for v1.0. Click to read the latest docs for v2.0.

Token endpoint

The token endpoint is used in third-party apps to obtain Karhoo access tokens by presenting its authorization grant or a refresh token (the prerequisite for using this endpoint is being in possession of either an authorization code or a refresh token).
Authorization code
Primary purpose of this endpoint is to finish the 2-legged authorization process initiated from the /oauth/v2/authorize endpoint. The token endpoint should be called with grant_type=authorization_code and the code received as a query parameter to your redirect_uri.
Refreshing the token
Secondary purpose of this endpoint is to refresh expired access tokens. When an access token expires, the token endpoint should be called with grant_type=refresh_token and the refresh_token obtained previously from either the authorization code flow or the token exchange flow. This allows you to obtain a new access token without being forced to reauthenticate with your username and password/an external token.

In order to use this endpoint your application must be registered within Karhoo auth service as a valid client (assigned with a client_id).

This endpoint is compliant with the OAuth 2.0 Authorization Framework spec.

Log in to see full request history
timestatususer agent
Retrieving recent requests…
LoadingLoading…
Form Data
string
required

An identifier of your app registered within Karhoo auth service as a valid client.

string
required

An authorization grant type.

string

A refresh token (used only when grant_type = refresh_token).

string

An OAuth2 authorization code (used only when grant_type = authorization_code).

string

An OAuth2 redirect URI (used only when grant_type = authorization_code).

Responses

Language
Credentials
:
URL
Click Try It! to start a request and see the response here! Or choose an example:
application/json