POST
/
api
/
ext
/
v1
/
oauth
/
tokens
curl --request POST \
  --url https://staging-api.covver.io/api/ext/v1/oauth/tokens \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "grantType": "clientCredentials",
  "clientId": "<string>",
  "clientSecret": "<string>",
  "companyId": "<string>"
}'
{
  "accessToken": "<string>",
  "refreshToken": "<string>",
  "expiresIn": 123
}

Send your clientId and clientSecret, and receive a short-lived (10 minutes) accessToken and a long-lived (30 days) refreshToken.

This API can be used for 2 purposes:

  • Communicate server-to-server between the partner and Covver. In this case you should omit the companyId parameter.
  • Embed Covver admin as an iframe for a specific customer. In this case you should include the companyId parameter for this customer. See Embedded Admin Guide for more details

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json

Response

200
application/json

Default Response

The response is of type object.