Exchange Token - Tabillo

Exchange Code or Refresh Token

curl --request POST \
  --url https://crossproductroadmapbackend.vercel.app/api/v1/oauth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data 'code=<string>' \
  --data 'redirect_uri=<string>' \
  --data 'refresh_token=<string>' \
  --data 'client_id=<string>' \
  --data 'client_secret=<string>' \
  --data 'code_verifier=<string>'

{
  "access_token": "tabt_abc123...",
  "refresh_token": "tabr_xyz789...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "read write"
}

POST

oauth

token

Exchange Code or Refresh Token

curl --request POST \
  --url https://crossproductroadmapbackend.vercel.app/api/v1/oauth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data 'code=<string>' \
  --data 'redirect_uri=<string>' \
  --data 'refresh_token=<string>' \
  --data 'client_id=<string>' \
  --data 'client_secret=<string>' \
  --data 'code_verifier=<string>'

{
  "access_token": "tabt_abc123...",
  "refresh_token": "tabr_xyz789...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "read write"
}

Body

application/x-www-form-urlencoded

grant_type

enum<string>

required

Available options:

authorization_code,

refresh_token

code

string

Required for authorization_code grant

redirect_uri

string

Required for authorization_code grant

refresh_token

string

Required for refresh_token grant

client_id

string

client_secret

string

code_verifier

string

PKCE code verifier (required if code_challenge was sent)

Response

200 - application/json

Token response

access_token

string

Example:

"tabt_abc123..."

refresh_token

string

Example:

"tabr_xyz789..."

token_type

string

Example:

"Bearer"

expires_in

integer

Example:

3600

scope

string

Example:

"read write"

Authorization Page Revoke Token

Documentation Index

Body

Response