# Exchange credentials for an access token Authenticates the partner using the OAuth2 Client Credentials flow. Send client_id and client_secret in the Authorization header (Basic Auth) to receive a JWT token. The token expires in 1 hour and must be sent as a Bearer token in all other requests. The SDKs handle token retrieval and renewal automatically. Endpoint: POST /auth/token Version: 2026-03-01 Security: ## Header parameters: - `Authorization` (string, required) Basic base64(client_id:client_secret) — Partner credentials encoded in Base64 ## Request fields (application/x-www-form-urlencoded): - `grant_type` (string, required) Enum: "client_credentials" ## Response 200 fields (application/json): - `access_token` (string, required) JWT access token Example: "dinie_at_eyJhbGciOiJIUzI1NiJ9..." - `token_type` (string, required) Enum: "bearer" - `expires_in` (integer, required) Token lifetime in seconds Example: 3600 ## Response 400 fields (application/problem+json): - `type` (string, required) URI identifying the error type - `title` (string, required) Short, human-readable summary of the problem type - `status` (integer, required) HTTP status code - `detail` (string, required) Human-readable explanation specific to this occurrence - `instance` (string) URI identifying this specific occurrence - `code` (string) Machine-readable subtype code - `param` (string) The request parameter that caused the error - `errors` (array) Field-level validation errors - `errors.param` (string, required) - `errors.detail` (string, required) - `errors.code` (string) ## Response 401 fields (application/problem+json): - `type` (string, required) URI identifying the error type - `title` (string, required) Short, human-readable summary of the problem type - `status` (integer, required) HTTP status code - `detail` (string, required) Human-readable explanation specific to this occurrence - `instance` (string) URI identifying this specific occurrence - `code` (string) Machine-readable subtype code - `param` (string) The request parameter that caused the error - `errors` (array) Field-level validation errors - `errors.param` (string, required) - `errors.detail` (string, required) - `errors.code` (string) ## Response 429 fields (application/problem+json): - `type` (string, required) URI identifying the error type - `title` (string, required) Short, human-readable summary of the problem type - `status` (integer, required) HTTP status code - `detail` (string, required) Human-readable explanation specific to this occurrence - `instance` (string) URI identifying this specific occurrence - `code` (string) Machine-readable subtype code - `param` (string) The request parameter that caused the error - `errors` (array) Field-level validation errors - `errors.param` (string, required) - `errors.detail` (string, required) - `errors.code` (string) ## Response 500 fields (application/problem+json): - `type` (string, required) URI identifying the error type - `title` (string, required) Short, human-readable summary of the problem type - `status` (integer, required) HTTP status code - `detail` (string, required) Human-readable explanation specific to this occurrence - `instance` (string) URI identifying this specific occurrence - `code` (string) Machine-readable subtype code - `param` (string) The request parameter that caused the error - `errors` (array) Field-level validation errors - `errors.param` (string, required) - `errors.detail` (string, required) - `errors.code` (string)