POST
/
api
/
ext
/
v1
/
oauth
/
tokens

Send your clientId and clientSecret, and receive a short-lived (10 minutes) accessToken and a long-lived (30 days) refreshToken.

This API can be used for 2 purposes:

  • Communicate server-to-server between the partner and Covver. In this case you should omit the companyId parameter.
  • Embed Covver admin as an iframe for a specific customer. In this case you should include the companyId parameter for this customer. See Embedded Admin Guide for more details

Authorizations

Authorization
string
headerrequired

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
grantType
enum<string>
default: clientCredentials
Available options:
clientCredentials
clientId
string
required
clientSecret
string
required
companyId
string

Response

200 - application/json
accessToken
string
required
refreshToken
string
required
expiresIn
number
required
AuthenticationRefresh the access token