tokens

# Overview

This endpoint creates an access token for the OBIE flow to be given to the requesting PSP by the FI.

https://sandbox.konsentus.com/v1/obie/tokens

# Request Properties

# Headers

Authorization REQUIRED

string

Basic Auth Header

fi_reference_id REQUIRED

string

A string representing the FI authenticating with the system

version REQUIRED

string

A string representing version of the API you are using

ccg_token REQUIRED

string

Client credentials grant token

Content-Type REQUIRED

string

Must be set to: application/json

Further information is available on Authentication Headers, Client Credentials Grant Tokens and Version Header.

# Request Body Parameters

auth_code REQUIRED

string

The one-time use authorization code generated by Konsentus, that has a life time of 60 seconds. The authorization code is bound to the PSP and redirection URI.

redirect_uri REQUIRED

string

The redirect URI registered by the PSP with the CA.

# Request Body Example

{
    "auth_code": "333a5720w2jhklq14t",
    "redirect_uri": "https://www.google.com"
  }

# Response Properties

data object

response data

access_token string

The access token generated by Konsentus. The authorization code is bound to the client identifier and redirection URI. If grant_type in the request was set to client_credentials then the token in the response will be hardcoded to good-access-token.

expires_in integer

If the access token expires, the server replies with the duration of time the access token is granted for.

token_type string

The type of token, typically just the string 'bearer’.

state string

An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter is used for preventing cross-site request forgery.

errors array<object>

See error documentation for fields and descriptions

# Responses

# 201

Request received and access token created.

{
  "data": {
    "access_token": string,
    "expires_in": integer,
    "token_type": string,
    "state": string,
  }
}

# 400

Request received missing parameters or malformed.

{
  "errors": [{
    "id": string,
    "code": string,
    "title": string,
    "link": string
  }]
}

# 401

Unable to Authorize.

{
  "errors": [{
    "id": string,
    "code": string,
    "title": string,
    "link": string
  }]
}

# 403

Forbidden.

{
  "errors": [{
    "id": string,
    "code": string,
    "title": string,
    "link": string
  }]
}

# Response Example

# 201 CREATED

# Success

{
  "data": {
    "access_token": "8c9378f8-e27f-4e0a-a643-d73585d1249f",
    "expires_in": 31104000,
    "token_type": "bearer",
    "state": "example-state",
  }
}

← POST /v1/obie/authorization_codes GET /v1/obie/tokens/{token} →