Request an access token

Access tokens are used in token-based authentication to grant applications access to APIs on behalf of a user. After a user successfully logs in and authorizes access, the application receives an access token. This token acts as a credential that the application uses to identify itself and the authorized user when calling the target API.

Prerequisite: IP allowlisting

You must add any IP addresses that will be connecting to Ripple servers to the IP allowlist.

You must include a valid access token in your request header when you send requests to secured API endpoints.

To get an access token, you must have your client ID and client secret. Learn how to generate a client ID and client secret for use with Ripple APIs.

Request format

To get an authentication token for the test environment, send a POST request to the following URL:

Copy

Copied!

https://auth-test.rnc.ripplenet.com/oauth/token

Authentication request

To get an access token, use the request an access token operation with your client_id and client_secret.

Include the audience and grant_type as shown in the example below.

The value of the audience field is based on URN syntax.

Format: urn:ripplexcurrent-ENVIRONMENT_STRING:YOUR_TENANT_ID

Example: urn:ripplexcurrent-test:YOUR_TENANT_ID

Payload
curl
Python
JavaScript

{"client_id": "{YOUR_CLIENT_ID}",
"client_secret": "{YOUR_CLIENT_SECRET}",
"audience": "urn:ripplexcurrent-prod:{YOUR_TENANT_ID}",
"grant_type": "client_credentials"
}

Authentication response

Store the access_token for use with all other API operations.

{"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ",
"scope": "identities:create identities:read identities:write quote_collections:write payments:accept payments:read routing_table:lookup",
"expires_in": 3600,
"token_type": "Bearer"
}