POST
/
api
/
ext
/
v1
/
oauth
/
tokens

Send your clientId and clientSecret, and receive a short-lived (10 minutes) accessToken and a long-lived (30 days) refreshToken.

This API can be used for 2 purposes:

  • Communicate server-to-server between the partner and Covver. In this case you should omit the companyId parameter.
  • Embed Covver admin as an iframe for a specific customer. In this case you should include the companyId parameter for this customer. See Embedded Admin Guide for more details

Authorizations

Authorization
string
headerrequired

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
clientId
string
required
clientSecret
string
required
grantType
enum<string>
default: clientCredentials
Available options:
clientCredentials
companyId
string

Response

200 - application/json
accessToken
string
required
refreshToken
string
required
expiresIn
number
required
AuthenticationRefresh the access token