Generate M2M OAuth Token - Documentation

curl -X POST "https://api.wizlo.example.com/oauth/token" \
  -H "Content-Type: application/json" \
  -d '{
  "grant_type": "client_credentials",
  "client_id": "client-uuid-abc123",
  "client_secret": "generated-secret-string"
}'

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 25200,
  "refresh_token": "550e8400-e29b-41d4-a716-446655440000:a3f5b2c8d1e4...",
  "refresh_token_expires_in": 2592000
}

POST

oauth

token

curl -X POST "https://api.wizlo.example.com/oauth/token" \
  -H "Content-Type: application/json" \
  -d '{
  "grant_type": "client_credentials",
  "client_id": "client-uuid-abc123",
  "client_secret": "generated-secret-string"
}'

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 25200,
  "refresh_token": "550e8400-e29b-41d4-a716-446655440000:a3f5b2c8d1e4...",
  "refresh_token_expires_in": 2592000
}

Overview

Use this endpoint to exchange your Client ID and Client Secret for an access token. This token must be included in the Authorization header of subsequent API requests.

Headers

Authorization

string

required

Standard Bearer token (e.g., Bearer <your_access_token>).See the M2M Authentication guide for details on generating this token.

Content-Type

string

required

Must be set to application/json.

Body Parameters

grant_type

string

required

The type of authentication flow. Use client_credentials for initial login or refresh_token to renew a session.

client_id

string

required

The Client ID obtained when creating the API client.

client_secret

string

required

The Client Secret obtained when creating the API client.

refresh_token

string

Required if grant_type is set to refresh_token. The token used to obtain a new access token.

Response Parameters

access_token

string

The JWT access token to be used in API requests.

token_type

string

The type of token returned (e.g., “Bearer”).

expires_in

integer

The duration in seconds until the access token expires (typically 25200 seconds / 7 hours).

refresh_token

string

A token that can be used to obtain a new access token without re-sending credentials.

refresh_token_expires_in

integer

The duration in seconds until the refresh token expires.

Status Codes

Status	Description
`200`	Success. Token issued successfully.
`400`	Bad Request. Missing or invalid parameters.
`401`	Unauthorized. Invalid credentials or token.

curl -X POST "https://api.wizlo.example.com/oauth/token" \
  -H "Content-Type: application/json" \
  -d '{
  "grant_type": "client_credentials",
  "client_id": "client-uuid-abc123",
  "client_secret": "generated-secret-string"
}'

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 25200,
  "refresh_token": "550e8400-e29b-41d4-a716-446655440000:a3f5b2c8d1e4...",
  "refresh_token_expires_in": 2592000
}

Upload Document from URL

⌘I

APIs

Authentication

​Overview

​Headers

​Body Parameters

​Response Parameters

​Status Codes

Overview

Headers

Body Parameters

Response Parameters

Status Codes