Create Access Token

Create Access Token

This is an optional, alternative method of authenticating requests to the MoneyKit API. Normally, you can authenticate requests by including X-Client-Id and X-Client-Secret HTTP headers. However, if you prefer, you can instead create a short-lived access token, using this endpoint.

That access_token can then be passed instead of the client/secret headers, as an Authorization: Bearer {access_token} HTTP header.

Note that when the token expires you must create a new one to replace it. The expiration is given as the expires_in response value.

The client_id and client_secret can be supplied to this endpoint as POST body parameters, or as a "Basic" auth header (base64-encoded {client_id:secret}).

URL

POST
/auth/token
Request
curl --request POST \
  --url https://api.moneykit.com/auth/token \
  --header 'Authorization: Basic REPLACE_BASIC_AUTH' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data scope= \
  --data client_id=live_5c739a369515e10fc9e0 \
  --data client_secret=string
const options = {
  method: 'POST',
  headers: {
    Authorization: 'Basic REPLACE_BASIC_AUTH',
    'content-type': 'application/x-www-form-urlencoded'
  },
  body: new URLSearchParams({
    grant_type: 'client_credentials',
    scope: '',
    client_id: 'live_5c739a369515e10fc9e0',
    client_secret: 'string'
  })
};

fetch('https://api.moneykit.com/auth/token', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));
import requests

url = "https://api.moneykit.com/auth/token"

payload = "grant_type=client_credentials&scope=&client_id=live_5c739a369515e10fc9e0&client_secret=string"
headers = {
    "Authorization": "Basic REPLACE_BASIC_AUTH",
    "content-type": "application/x-www-form-urlencoded"
}

response = requests.request("POST", url, data=payload, headers=headers)

print(response.text)
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://api.moneykit.com/auth/token"

	payload := strings.NewReader("grant_type=client_credentials&scope=&client_id=live_5c739a369515e10fc9e0&client_secret=string")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("Authorization", "Basic REPLACE_BASIC_AUTH")
	req.Header.Add("content-type", "application/x-www-form-urlencoded")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://api.moneykit.com/auth/token")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Basic REPLACE_BASIC_AUTH'
request["content-type"] = 'application/x-www-form-urlencoded'
request.body = "grant_type=client_credentials&scope=&client_id=live_5c739a369515e10fc9e0&client_secret=string"

response = http.request(request)
puts response.read_body
import Foundation

let headers = [
  "Authorization": "Basic REPLACE_BASIC_AUTH",
  "content-type": "application/x-www-form-urlencoded"
]

let postData = NSMutableData(data: "grant_type=client_credentials".data(using: String.Encoding.utf8)!)
postData.append("&scope=".data(using: String.Encoding.utf8)!)
postData.append("&client_id=live_5c739a369515e10fc9e0".data(using: String.Encoding.utf8)!)
postData.append("&client_secret=string".data(using: String.Encoding.utf8)!)

let request = NSMutableURLRequest(url: NSURL(string: "https://api.moneykit.com/auth/token")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
Response
{
  "access_token": "52ea3d1b...4f9a53fffb67",
  "token_type": "bearer",
  "expires_in": 3600
}
{
  "error_code": "api_error.auth.unauthorized",
  "error_message": "Accounts access not permitted",
  "documentation_url": string
}
{
  "error_code": "api_error.auth.unauthorized",
  "error_message": "Accounts access not permitted",
  "documentation_url": string
}

client_id

Your application's MoneyKit client ID.

example: live_5c739a369515e10fc9e0

client_secret

Your application's MoneyKit client secret.

grant_type

Token grant type. Only client_credentials or refresh_token supported.

example: client_credentials

scope

Actions to be allowed for this token, given as one or more strings separated by spaces. If omitted, all actions allowed for your application will be granted to this token.

default: ""

client_id

Your application's MoneyKit client ID.

example: live_5c739a369515e10fc9e0

client_secret

Your application's MoneyKit client secret.

grant_type

Token grant type. Only client_credentials or refresh_token supported.

example: client_credentials

scope

Actions to be allowed for this token, given as one or more strings separated by spaces. If omitted, all actions allowed for your application will be granted to this token.

Responses

201

Generated access token.

access_token

: string

Short-lived access token.

example: 52ea3d1b...4f9a53fffb67

token_type

: string

Always "bearer".

example: bearer

expires_in

: integer

How long until access_token expires in seconds.

example: 3600

400

Invalid grant_type

error_code

: string

default: "api_error.auth.unauthorized"

error_message

: string

Error message

example: Accounts access not permitted

documentation_url

401

Unauthorized

error_code

: string

default: "api_error.auth.unauthorized"

error_message

: string

Error message

example: Accounts access not permitted

documentation_url