Skip to main content
POST
/
v1
/
oauth2
/
token
Java (SDK)
package hello.world;

import java.lang.Exception;
import org.openapis.openapi.AriesJava;
import org.openapis.openapi.models.errors.ErrorResponse;
import org.openapis.openapi.models.operations.*;

public class Application {

    public static void main(String[] args) throws ErrorResponse, Exception {

        AriesJava sdk = AriesJava.builder()
                .bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
            .build();

        Oauth2TokenRequest req = Oauth2TokenRequest.builder()
                .grantType(GrantType.AUTHORIZATION_CODE)
                .clientId("client_abc123xyz")
                .code("auth_code_abc123xyz789def456")
                .clientSecret("secret_xyz789abc")
                .redirectUri("https://yourapp.com/callback")
                .build();

        Oauth2TokenResponse res = sdk.oauth2().token()
                .request(req)
                .call();

        if (res.object().isPresent()) {
            // handle response
        }
    }
}
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.cThIIoDvwdueQB468K5xDc5633seEFoqwxjF_xSJyQQ",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token_expires_in": 2592000,
  "scope": "read write"
}

Body

application/json
grant_type
enum<string>
required

OAuth2 grant type

Available options:
authorization_code,
refresh_token
client_id
string
required

OAuth2 client identifier

code
string

Authorization code from /v1/oauth2/authorize/confirm (required for authorization_code grant)

client_secret
string

Client secret (required for confidential clients and refresh_token grant)

code_verifier
string

PKCE code verifier (required for PKCE flow, replaces client_secret)

redirect_uri
string<uri>

Redirect URI (required for authorization_code grant, must match authorization request)

refresh_token
string

Refresh token (required for refresh_token grant)

Response

Tokens generated successfully

access_token
string
required

Bearer token for API authentication

token_type
enum<string>
required

Token type (always Bearer)

Available options:
Bearer
expires_in
integer
required

Access token expiration time in seconds (typically 3600 = 1 hour)

refresh_token
string

Token to refresh the access token

refresh_token_expires_in
integer

Refresh token expiration time in seconds (typically 2592000 = 30 days)

scope
string

Space-separated list of granted scopes