Get access token

token retrieval cross river uses oauth 2 0 for authentication and authorization this controls entry to our system and ensures that only authorized entities can access our apis and other protected resources the information you enter into our authentication system is confidential and can never be accessed from any other cross river applications once you've received your docid\ z mvwov p00 xx082nabk , and b efore you can use our apis, you must get an access token using the client id and client secret you received when you registered this access token allows you to send information securely as a json object for use in our apis you must include this token in the header of each api request there are several ways to request and receive an access token use command line interface (cli) with curl or any other language use postman or any other api testing tool once obtained, copy the access token to your clipboard make sure you save it command line interface to request a token send a post connect/token command containing the client id and client secret and grant type to the docid\ kp 8xnezdhnatwylgxt22 (auth server) of the appropriate sandbox, as shown in the sample below refer to the docid\ kp 8xnezdhnatwylgxt22 for an explanation of these tags the following example uses curl to request a token from one of the auth servers sample request in curl for cos curl location request post 'https //idptest crbcos com/connect/token' \\ \ header 'content type application/x www form urlencoded' \\ \ data urlencode 'client id=\[your id here]' \\ \ data urlencode 'client secret=\[your secret here]' \\ \ data urlencode 'grant type=client credentials' \\ \ data urlencode 'audience=https //api crbcos com/' sample response from curl request { "access token" "contains many characters", \\ "expires in" 86400, \\ "token type" "bearer" } postman to request a token using postman, send a post connect/token command to the docid\ kp 8xnezdhnatwylgxt22 of the appropriate sandbox add the grant type , scope (optional) , client id and client secret to the call refer to the docid\ kp 8xnezdhnatwylgxt22 for an explanation of these tags if the authentication is successful, the status code is 200 (ok) token request response true 139,100 true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type http components the following http components are used both in the api and postman requests true 116,141,100 true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type auth server urls true 218,320 true unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type troubleshooting if the authentication token is valid, it will return a 200 if the authentication token isn't valid, it will return a 401 if you unable to get a bearer token and you haven't received one in the past confirm the url check that the client id and client secret are typed correctly they are case sensitive check your client id and client secret against the one you received make sure there are no network or allowlist issues contact our mailto\ integrations support\@crossriver com if your account is locked as a result of 3 incorrect log in attempts