/Phin%20Logo%20Stacked.png?width=60&height=60&name=Phin%20Logo%20Stacked.png)
Phin Security API Access Tokens
Technical documentation on the route used to obtain an access token that can be used to get your data from the Phin API.
Body Reference
| Field | Type | Example |
| client_id | string | “ZzyourClientIdzZ” |
| client_secret | string | “superSecretString” |
| audience | constant string | "https://public.api.phinsec.io" |
| grant_type | constant string | "client_credentials" |
Body Sample
{
"client_id":"YOUR_CLIENT_ID",
"client_secret":"YOUR_CLIENT_SECRET",
"audience":"<https://public.api.phinsec.io>",
"grant_type":"client_credentials"
}
Response Reference
| Field | Type | Example |
| access_token | string | “eyBbase64EncodedString” |
| expires_in | number (seconds) | 86400 |
| token_type | string | Bearer |
Response Sample
{
"access_token": "YOUR_ACCESS_TOKEN",
"expires_in": 86400,
"token_type": "Bearer"
}
Error Reference
| Code | Message | Explanation |
|---|---|---|
| 403 | unauthorized_client | You probably spelled “client_credentials” improperly in the “grant_type” |
| 403 | access_denied | You may have not spelled the “audience” properly |
| 403 | Unauthorized | You have incorrectly entered the client_id or client_secret |