# Request an access token

Request an access token for authentication with Ripple APIs.

You need to request a token for the environment you want to authenticate with.

Note: The length of the access token isn't fixed, hence it can vary. Avoid validating tokens based on character length.

Tutorials

* Learn how to Request an access token.

#### Environments

| Environment | Domain | Description |
| --- | --- | --- |
| UAT | api.test.ripple.com | UAT environment with simulated transactions. |
| Production | api.ripple.com | Production environment |

Endpoint: POST /v2/oauth/token
Version: 1.0.0

## Request fields (application/json):

  - `client_id` (string, required)
    The client ID associated with a specific set of API credentials.
    Example: "{YOUR_CLIENT_ID}"

  - `client_secret` (string, required)
    The client secret associated with a specific set of API credentials.
    Example: "{YOUR_CLIENT_SECRET}"

  - `audience` (string, required)
    The value of the audience field is based on [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) syntax.

Format: urn:ripplexcurrent-{ENVIRONMENT_STRING}:{YOUR_TENANT_ID}

* The first component is urn:ripplenetxcurrent-.
* The second component refers to the environment you want to access.
* The third component is your tenant ID. Ripple integration engineers provide this component during training.

| Environment | Environment string | Description |
| --- | --- | --- |
| UAT | uat | UAT environment with simulated transactions. |
| Production | prod | Production environment for Ripple's internal services. |

Example: urn:ripplexcurrent-uat:{YOUR_TENANT_ID}
    Example: "urn:ripplexcurrent-uat:{YOUR_TENANT_ID}"

  - `grant_type` (string, required)
    Set the grant-type for this client credentials request. This must be set to client_credentials.
    Enum: "client_credentials"

## Response 200 fields (application/json):

  - `access_token` (string)
    The bearer token you use when authenticating with a Ripple API.
    Example: "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ"

  - `scope` (string)
    List of scopes applied to your access_token.

  - `expires_in` (integer)
    How long your access_token is valid. You need to request a new token when it expires.
    Example: 3600

  - `token_type` (string)
    The type of token. Ripple APIs use Bearer auth tokens.
    Example: "Bearer"

## Response 400 fields (application/json):

  - `error_description` (string)
    Summary of the returned problem.
    Example: "Unauthorized"

  - `error` (string)
    Error status.
    Example: "access_denied"

## Response 401 fields (application/json):

  - `error_description` (string)
    Summary of the returned problem.
    Example: "Unauthorized"

  - `error` (string)
    Error status.
    Example: "access_denied"

## Response 403 fields (application/json):

  - `error_description` (string)
    Summary of the returned problem.
    Example: "Unauthorized"

  - `error` (string)
    Error status.
    Example: "access_denied"