Generate Access Token API
This API is used to generate an access token using the client secret created from the CFC settings page. The generated access token can then be used to access the protected business resource APIs.
Rate limiting
This API is rate limited to a maximum of 288 requests per day per API client secret. This means that you can make up to 288 requests to the API in a 24-hour period using a single API client secret. If you exceed this limit, you will receive HTTP status code 429 Too Many Requests
error.
The rate limit is reset every day at midnight UTC. This means that if you make your 288th request at 11:59 PM UTC, you will be able to make another request at 12:00 AM UTC.
To avoid hitting the rate limit, use caching to share the access token across multiple requests until the expiry datetime. This will help you to save requests and stay within the rate limit.
Request Method
GET
Request URL
Replace the {{BASE_URL}}
with the one mentioned here for India (or here for KSA) based on whether you are using sandbox or production.
Request Headers
Request Path Params
There are no path parameters for this API.
Request Query Params
There are no query parameters for this API.
Request Body
There is no request body for this API.
Sample Request
Response Status Codes
Response Schema
Error Details Object
Sample Response
Success - HTTP Status Code - 200
Failure - HTTP Status Code - 401
If the client secret header key is missing OR If the client secret header value is null.
Failure - HTTP Status Code - 401
If the client secret header value is incomplete, incorrect or invalid OR If the API client is deleted.
Failure - HTTP Status Code - 401
If the client IP address is not within the whitelisted range.
API Validations
There are no validations other than authentication in this API.
API Constraints
This API needs to be authenticated with a valid client secret. If the client secret is missing, null, empty, invalid, incomplete or incorrect, the API will return HTTP Status Code 401.
If the request is made from an IP address not in the range of allowed IPs set at the time of creation of the API client, then API will return HTTP Status Code 401.
This API is rate limited to a maximum of 288 requests per day per API client secret. This means that you can make up to 288 requests to the API in a 24-hour period using a single API client secret. If you exceed this limit, you will receive HTTP status code 429 Too Many Requests error.
FAQs on Access Token
Last updated