Obtain an Access Token

Absolute majority of Dapi API endpoints require Access Token to perform an operation. Please read below on what is the Access Token and how you can obtain one.

Access Token VS Access Code

Access tokens allow your app to access the Dapi API. They are permanent for the user. Therefore once it is obtained it does not need to be refreshed, unless the token has been delinked.

Meanwhile, Access Code is only valid for 30 minutes. It can't be used to interact with Dapi API. It is only used to obtain user Access Token

How To Obtain Access Token

To obtain a Access Token, you must first receive Access Code. Later on valid Access Code can be exchanged for permanent token.

Lets take a look at the whole process.

Step 1 - Obtain Access Code

Access Code can be received after successful user authentication in Connect layer. To read more about how to initialize Connect layer and authenticate user in the system refer to our Connect Layer documentation

After successful user authentication in the Connect layer, you will get following response:

    "success": true,
    "accessCode": "access_code_value",
    "userSecret": "user_secret_value",
    "connectionID": "connection_id_value",
    "userID": "user_id_value",
    "tokenID": "token_id_value"

You will need accessCode and connectionID from the response, needed to obtain a user token.


Please Note

Access Code is only valid for 30 minutes. It must be exchanged for Access Token within this 30 minutes, otherwise the code will become ineffective.

Step 2 - Exchange Access Code For Access Token

Token must be obtained using ExchangeToken endpoint. To generate a successful request you will need:

  • accessCode
  • connectionID
  • appSecret

To read more on how to obtain accessCode and connectionID please refer to Connect Layer Documentation ]

To read more on how to register app and obtain app keys please refer to Getting your API keys]

Request body for exchanging accessCode for accessToken looks following:

	"appSecret": "app_secret_value",
	"accessCode": "access_code_value",
	"connectionID": "connection_id_value"

Successful exchangeToken response looks following:

  "success": true,
  "accessToken": "access_token_value"

Now once you have an Access Token, you can use it as Authorization Bearer Header to communicate with Dapi API.