POST
/
getToken
curl --request POST \
  --url https://gateway.finhub.cloud/peps/getToken \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "connection": "service-account",
  "device": "Vlado-PC",
  "grant_type": "password",
  "scope": "openid service_account_id offline_access"
}'
{
  "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6",
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik4wSTJRekJEUWpRM04wUkJSakJFUkRVM05qaEZNREF5T0VWRlJqWkRSVVl4TWtFMU5ERXdSUSJ9.eyJzZXJ2aWNlX2FjY291bnRfaWQiOiI5U0VQMDAxMDAwIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmFjY291bnRzLmRvd2pvbmVzLmNvbS8iLCJzdWIiOiJhdXRoMHw2MGYwZjRmY2QzNDE1NDE3NDNjNzkwOGIiLCJhdWQiOiJmZlRCcGsxU3ZJMTQ0STJnVVB0dFBkWjRGbkdxcHZkNyIsImlhdCI6MTYzNDYyOTkwNiwiZXhwIjoxNjM0NjY1OTA2fQ.iSO9UxiIE8pNce_2mQugk2yRVHq-4m77NeqDh0Z07PfuppU1EmdAmxLUKjJwJIN5JiZXI5AYGDglofvFbT0f8cgyMWNVpV2ph4BqkHLs16n_hzjhiqniUKDAQupU877iB8nL3nPiyds8_yxoeadijyOZHlXv4SOngGRRJWlwRlJ_2ng-2brNq0RKi889epqUdVySyrGplj17RpPppUd5waT6nX4I6Mu8aB9AHAZHYKdyiQ6I-jE5nEcWYI4EI0FOqSGrplYolFvHXgpedwCio5FNOi5pTis7iOW3NtqdB_GbPPwYbfng3p9unYgM75B9Z0ZpnWpBhA28BOBiKxnRNA",
  "refresh_token": "4m77NeqDh0Z07PfuppU1EmdAmxLUKjJwJIN5JiZXI5AYGDglofvFb",
  "token_type": "bearear"
}

Authorizations

Authorization
string
headerrequired

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/json
connection
string

Specifies the custom name of the Auth0 connection configured for the service account users. Set its value to

device
string

Specifies if a Refresh token is requested. In Service Account Integration, this parameter is mandatory when requesting a Refresh token, scope=openid service_account_id offline_access

grant_type
string

Specifies the type of access grant. Set its value to password.

scope
string

Specifies the scope returned in the AuthN ID token. You can specify the value as follows:- openid pib:- retrieves only the two AuthN tokens OR openid service_account_id offline_access:- retrieves the two AuthN tokens and the Refresh token.

Response

200 - application/json
id_token
string

token id for assertion.

access_token
string

access token.

token_type
string

token type (bearer).