SupportWire API
API ReferenceO Auth

Exchange code for token

Back-channel call from your server. Exchange an authorization code for an access token. Authenticate with `client_id`/`client_secret` in the body or via HTTP Basic auth.

POST
/api/oauth/token

Authorization

basicAuth
AuthorizationBasic <token>

client_id:client_secret for the token endpoint.

In: header

Request Body

application/x-www-form-urlencoded

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

curl -X POST "https://example.com/api/oauth/token" \  -H "Content-Type: application/x-www-form-urlencoded" \  -d 'grant_type=authorization_code&code=string&redirect_uri=string'
{
  "access_token": "swot_abc123def456…",
  "token_type": "Bearer",
  "scope": "string"
}
{
  "error": "insufficient_scope",
  "error_description": "The token is missing a required scope."
}
{
  "error": "insufficient_scope",
  "error_description": "The token is missing a required scope."
}

Grant consent

Approve the authorization and mint a single-use authorization code.

Current token

Describe the current access token — its app, organization, actor and granted scopes.