> ## Documentation Index
> Fetch the complete documentation index at: https://docs.covver.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Create OAuth Tokens

> Create an access token and a refresh token

Send your `clientId` and `clientSecret`, and receive a short-lived (10 minutes) `accessToken` and a long-lived (30 days) `refreshToken`.


## OpenAPI

````yaml post /api/ext/v1/oauth/tokens
openapi: 3.0.1
info:
  title: Covver External API docs
  description: Covver External API docs
  version: 0.1.0
servers:
  - url: https://staging-api.covver.io
    description: Covver Staging Server
  - url: https://api.covver.io
    description: Covver Production Server
  - url: http://localhost:8080
    description: Covver Local Server
security:
  - BearerAuth: []
tags:
  - name: Auth
    description: Authentication endpoints
  - name: Products
    description: Product endpoints
  - name: People
    description: People endpoints
  - name: Orders
    description: Orders endpoints
  - name: Reports
    description: Report endpoints
externalDocs:
  url: https://swagger.io
  description: Find more info here
paths:
  /api/ext/v1/oauth/tokens:
    post:
      tags:
        - Auth
      summary: Create OAuth Tokens
      description: Create an access token and a refresh token
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                grantType:
                  default: clientCredentials
                  type: string
                  enum:
                    - clientCredentials
                clientId:
                  type: string
                clientSecret:
                  type: string
              required:
                - clientId
                - clientSecret
        required: true
      responses:
        '200':
          description: Default Response
          content:
            application/json:
              schema:
                type: object
                properties:
                  accessToken:
                    type: string
                  refreshToken:
                    type: string
                  expiresIn:
                    type: number
                required:
                  - accessToken
                  - refreshToken
                  - expiresIn
        4XX:
          description: Default Response
          content:
            application/json:
              schema:
                type: object
                properties:
                  message:
                    type: string
                  errorCode:
                    type: string
                  error: {}
                  statusCode:
                    type: number
                required:
                  - message
                  - errorCode
                  - statusCode
        5XX:
          description: Default Response
          content:
            application/json:
              schema:
                type: object
                properties:
                  message:
                    type: string
                  errorCode:
                    type: string
                  error: {}
                  statusCode:
                    type: number
                required:
                  - message
                  - errorCode
                  - statusCode
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

````