POST oauth2/token


Allows a registered application to obtain an app-only OAuth 2.0 Bearer Token, which can be used to make API requests on behalf of an App (as opposed to a user).

Only one Bearer Token may exist per App. Repeated requests to this method will yield the same already-existent token until it has been invalidated.

Tokens received by this method should be stored according to our authentication best practices. If attempted too frequently, requests will be rejected with a HTTP 403 with code 99.

Endpoint URL


Authentication Basic authentication - Use your API Key as the username, and the API Secret Key as the password

Query parameters

Name Required Description Example
grant_type required Specifies the type of grant being requested by the application. At this time, only client_credentials is allowed. See App-Only Authentication for more information. client_credentials

Example request

To use the following cURL request, just replace $API_KEY and $API_SECRET_KEY with credentials from your App:

      curl --request POST -u$API_KEY:$API_SECRET_KEY \
  --url ''


Example response

      HTTP/1.1 200 OK
Status: 200 OK
Content-Type: application/json; charset=utf-8
Content-Encoding: gzip
Content-Length: 140