Skip to main content
POST
/
token
Error
A valid request URL is required to generate request examples
{
  "access_token": "<string>",
  "token_type": "Bearer",
  "expires_in": 123,
  "authorization_details": [
    {
      "type": "urn:openfinanceuae:account-access-consent:v2.1",
      "consent": {
        "Data": {
          "ConsentId": "<string>",
          "ConsentCombination": "SingleBankDataSharingConsent",
          "CreationDateTime": "2023-11-07T05:31:56Z",
          "Status": "AwaitingAuthorization",
          "StatusUpdateDateTime": "2023-11-07T05:31:56Z",
          "Permissions": [
            [
              "ReadAccountsBasic"
            ]
          ],
          "ExpirationDateTime": "2023-11-07T05:31:56Z",
          "OpenFinanceBilling": {
            "UserType": "Retail",
            "Purpose": "AccountAggregation",
            "IsLargeCorporate": true
          },
          "BaseConsentId": "<string>",
          "CombinedConsentGroupId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "AccountType": [
            "Retail"
          ],
          "AccountSubType": [
            "CurrentAccount"
          ],
          "OnBehalfOf": {
            "TradingName": "<string>",
            "LegalName": "<string>",
            "IdentifierType": "Other",
            "Identifier": "<string>"
          },
          "RevokedBy": "LFI"
        },
        "Links": {
          "Self": "<string>"
        },
        "Subscription": {
          "Webhook": {
            "Url": "<string>",
            "IsActive": true
          }
        },
        "Meta": {}
      }
    }
  ],
  "scope": "<string>",
  "state": "<string>",
  "refresh_token": "<string>",
  "id_token": "<string>"
}

Body

client_id
string
required

The OAuth 2.0 Client ID of the Client, as set in the Open Finance Trust Framework (OFTF).

client_assertion_type
enum<string>
required

Client Assertion using JWT Authentication, as described by RFC 7523

Available options:
urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
client_assertion
string
required

private_key_jwt client assertion

code_verifier
string
required

Code verifier value, created for Proof of Key Code Exchange correlating with value sent with Authorization Request.

grant_type
enum<string>
required

The grant type, which must be set to authorization_code.

Available options:
authorization_code
code
string
required

The authorization code received by the TPP from the Authorization Server.

redirect_uri
string<uri>
required

The OAuth 2.0 redirect URI of the Client, as set in the Open Finance Trust Framework. This MUST match a redirect URI value registered at the OFTF.

scope
string

Access Token Scope as sent in Authorization Request and granted by the End User.

Response

The request has succeeded.

access_token
string
required

OAuth 2.0 Access Token issued through Authorization Code grant.

token_type
enum<string>
required

Access Token type.

Available options:
Bearer
expires_in
integer
required

Validity period of Access Token in seconds.

authorization_details
object[]
required

Authorization details are sent in the Pushed Authorization Request

Minimum array length: 1

Bank Data Sharing Consent

scope
string

Access Token Scope as sent in Authorization Request and granted by the End User.

state
string

OAuth 2.0 state value, provided as a means to support integrity checking by the Client under FAPI 2.0. Omitted from Refresh Token Grant.

refresh_token
string

OAuth 2.0 Refresh Token. Omitted from responses where not supported by a given consent type.

id_token
string

OpenID Connect ID Token, returned where applicable to requested scope and supported flows.