{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-guides/sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":[]},"type":"markdown"},"seo":{"title":"Mint an Access Token with an OAuth Access Key","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"mint-an-access-token-with-an-oauth-access-key","__idx":0},"children":["Mint an Access Token with an OAuth Access Key"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Use this flow when OAuth is enabled for your merchant and you want to authenticate merchant API requests with an OAuth 2.0 Client Credentials bearer token instead of HTTP Basic Auth."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This guide covers only the token exchange flow. For Direct API setup, enabling OAuth, and managing access keys in Merchant Dashboard, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/guides/direct-api-access-and-authentication"},"children":["Direct API Access and Authentication"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"before-you-begin","__idx":1},"children":["Before you begin"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In Merchant Dashboard, navigate to ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Settings > Integrations > Direct API"]},"."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Make sure:"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["OAuth is enabled"]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["you have a valid access key"]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["you have copied the access key's ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"1-exchange-the-access-key-for-a-bearer-token","__idx":2},"children":["1. Exchange the access key for a bearer token"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Send a ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["POST"]}," request to ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["/access-keys/token"]}," with the access key credentials in the request body."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This token-minting request does not use an ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Authorization"]}," header. The ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}," in the request body are the credentials used to authenticate the request."]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"bash","header":{"controls":{"copy":{}}},"source":"curl https://app.resolvepay.com/api/access-keys/token \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\n    \"client_id\": \"<client_id>\",\n    \"client_secret\": \"<client_secret>\"\n  }'\n","lang":"bash"},"children":[]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Example response:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"json","header":{"controls":{"copy":{}}},"source":"{\n  \"access_token\": \"eyJ...\",\n  \"token_type\": \"Bearer\",\n  \"expires_in\": 86400,\n  \"scope\": \"merchant:read merchant:write\"\n}\n","lang":"json"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"2-use-the-bearer-token","__idx":3},"children":["2. Use the bearer token"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Include the returned token in the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Authorization"]}," header when calling the merchant API:"]},{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"bash","header":{"controls":{"copy":{}}},"source":"curl https://app.resolvepay.com/api/customers \\\n  -H \"Authorization: Bearer <access_token>\"\n","lang":"bash"},"children":[]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"notes","__idx":4},"children":["Notes"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Expired access keys cannot mint tokens."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Revoked access keys cannot mint tokens."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["If OAuth is disabled in Merchant Dashboard, bearer-token requests will not be authorized for merchant API calls."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"api-reference","__idx":5},"children":["API Reference"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["See the merchant API reference for the token endpoint:"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["POST /access-keys/token"]}]}]}]},"headings":[{"value":"Mint an Access Token with an OAuth Access Key","id":"mint-an-access-token-with-an-oauth-access-key","depth":1},{"value":"Before you begin","id":"before-you-begin","depth":2},{"value":"1. Exchange the access key for a bearer token","id":"1-exchange-the-access-key-for-a-bearer-token","depth":2},{"value":"2. Use the bearer token","id":"2-use-the-bearer-token","depth":2},{"value":"Notes","id":"notes","depth":2},{"value":"API Reference","id":"api-reference","depth":2}],"frontmatter":{"seo":{"title":"Mint an Access Token with an OAuth Access Key"}},"lastModified":"2026-03-18T19:36:56.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/guides/mint-an-access-token","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}