Generate Access Token

This API is used to generate an access token using the client secret created from the API Client page. The generated access token can then be used to access the protected business resource APIs.

Request Method

GET

Request URL

{{HOST}}/integration/v1/authz/token

Request Headers

Parameter

Data Type

Field Validations

Description

x-clear-client-secret

String

Cannot be empty

Mandatory.

API Client secret generated from Clear Portal.

Request Path Params

There are no path parameters for this API.

Request Query Params

There are no query parameters for this API.

Request Body

There is no request body for this API.

Sample Request

curl --location 'https://api.eu.cleartax.com/integration/v1/authz/token' \
--header 'x-clear-client-secret: fsDlES7JxWn+4uU5mL0cwcfszVToIa67ytlf1Uv8Y6xJ7jeBAe4Abb7Wr/3eB6qy3Y1SzAwcDxnSrYxPuIXNMCg==@Ab1'

Response Status Codes

HTTP Status Code

Description

200

For a successful retrieval, if Invoice is not present, validation errors

401

If the user is not authenticated for the operation

500

If there are any unhandled exceptions on Clear side.

Response Schema

Parameter

Data Type

Field Validations

Description

access-token

String

MaxLength: 256

Access token generated by Clear. If there is an error, then this field will not be returned.

valid_till

String

Format: ISO 8601.

YYYY-MM-DDTHH:MM:SS+00:00

Timestamp up to which the access token will be valid in UTC (GMT time zone). This period will be based on the expiration field set at the time of creation of API Client. If it was set as “Never expires”, then this value will be null. If there is an error, then this field will not be returned.

errors

Array

Array of Error Details Objects. If there are no errors, this field will not be returned.

Error Details Object

Parameter

Data Type

Field Validations

Description

error_code

String

Error code based on the rule or precondition that failed.

error_message

String

Detailed error description

error_source

String

Source of the error. This will always be “CLEAR”.

error_id

String

Unique ID of the error generated by Clear for unhandled errors and exceptions. If present, this ID may be quoted while raising a support case.

Sample Response

Success: HTTP Status Code-200

{
    "valid_till": "2025-02-20T10:04:47+00:00",
    "access_token": "1.c3da9800-f36e-46fb-bdf0-99f10b7f1afd_80b0f6c95755668ea6728ce441e82a5f6f"
}

Failure: HTTP Status Code - 401

If the client secret header key is missing OR If the client secret header value is null.

{
  "errors": [
    {
      "error_code": "CLI-SEC-001",
      "error_message": "Client secret header is missing or value is empty.",
      "error_source": "CLEAR",
      “error_id”: null
    }
  ]
}

Failure: HTTP Status Code - 401

If the client secret header value is incomplete, incorrect or invalid OR If the API client is deleted.

{
  "errors": [
    {
      "error_code": "CLI-SEC-002",
      "error_message": "Invalid or inactive client secret.",
      "error_source": "CLEAR",
      “error_id”: null
    }
  ]
}

API Validations

There are no validations other than authentication in this API.

API Constraints

This API needs to be authenticated with a valid client secret. If the client secret is missing, null, empty, invalid, incomplete or incorrect, the API will return HTTP Status Code 401.
If the request is made from an IP address not in the range of allowed IPs set at the time of creation of the API client, then API will return HTTP Status Code 401.
Rate Limit:

Production - 100 API calls per hour with a burst capacity of 50 API calls

Sandbox - 10 API calls per hour with a burst capacity of 10 API calls

PreviousE-Invoice Object NextE-Invoicing Malaysia API Reference

Last updated 2 days ago

Was this helpful?