Get an authentication token

This tutorial shows how to make a successful POST request to the /oauth/token endpoint and receive a Bearer authentication token.

Prerequisites

You must have the client ID and client secret associated with your API credential for a particular environment. For example, if you are building your integration in the sandbox environment you must have the client ID and client secret for that environment. You need this information to get an authentication token.

Request format

To get an authentication token for the production environment, send a POST request to the following URL:

Copy

Copied!

https://liquidity-hub.pub.prod.ripplenet.com/api/v0/oauth/token

To get an authentication token for the sandbox environment, send a POST request to the following URL:

Copy

Copied!

https://liquidity-hub.uat.prod.ripplenet.com/api/v0/oauth/token

You must include a request body containing your clientId and clientSecret as shown in the example below.

Request Body schema: application/json

clientId required	string The client ID associated with a specific set of API credentials. The client ID must be 32 characters long.
clientSecret required	string The client secret associated with a specific set of API credentials. The client secret must be 64 characters long.

application/json

{"clientId": "vTRUNYZoYuk0zsQq1Bs09lliKKriqWNn",
"clientSecret": "wwkNBXm_y2cqYSVdNkhfCcYhbsyczx4c1RfSX8MmOuJwdT1_9ejPXFVFIK0cH1w3"
}

Response format

A successful request returns a response body containing the authentication token in the accessToken field. For example:

{"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
"expiresIn": 300,
"tokenType": "Bearer",
"scope": "resource_one:read resource_one:write resource_two:read"
}

Error responses and handling

If your request is unsuccessful, you may receive a 400, 401, 404, or 500 error code from the Liquidity Hub API.

Here are some recommendations for error handling:

Error code	Name	Possible cause and error handling
`400`	`Bad Request`	Your request may be missing required body parameters. Inspect your request body and retry the request.
`401`	`Unauthorized`	Your `clientId` and/or `clientSecret` value is incorrect. Retry the request with the correct value(s).
`403`	`Forbidden`	The base URL in your request could be incorrect. Retry the request with the correct base URL.
`404`	`Not Found`	No handler found for POST.
`500`	`Internal Server Error`	The service is temporarily unavailable. Retry the request later.