# Request an access token

Access tokens are used in token-based authentication to grant applications access to APIs on behalf of a user. After a user successfully logs in and authorizes access, the application receives an access token. This token acts as a credential that the application uses to identify itself and the authorized user when calling the target API.

You must include a valid access token in your request header when you send requests to secured API endpoints.

To get an access token, you must have your client ID and client secret. Learn how to generate a client ID and client secret in the [Payments Direct 2.0 API reference](/products/payments-direct-2/v2025.11/api-docs/payments-direct-api/payments-direct-2-api).

### Request format

To get an authentication token for the **UAT** environment, send a `POST` request to the following URL:


```plaintext
https://api.test.ripple.com/v2/oauth/token
```

## Authentication request

To get an access token, use the authenticate operation in the [Payments Direct 2.0 API reference](/products/payments-direct-2/v2025.11/api-docs/payments-direct-api/payments-direct-2-api).

Include the `audience` and `grant_type` as shown in the example below.

The value of the `audience` field is based on [URN](https://en.wikipedia.org/wiki/Uniform_Resource_Name) syntax.

**Format**: `urn:ripplexcurrent-ENVIRONMENT_STRING:YOUR_TENANT_ID`

**Example**: `urn:ripplexcurrent-uat:YOUR_TENANT_ID`

## Authentication response

Store the `access_token` for use with all other API operations.


```json
{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ",
  "scope": "identities:create identities:read identities:write quote_collections:write payments:accept payments:read",
  "expires_in": 3600,
  "token_type": "Bearer"
}
```