Token Endpoint

POST 
/oauth2/token

Exchange an authorization code for access and refresh tokens, or refresh an existing token.

Requires client authentication via client_id and client_secret in the request body or via HTTP Basic Auth.

Request

Responses

200

OK

400

Bad Request (invalid grant, expired code, etc.)