Phin Security API Access Tokens
Technical documentation on the route used to obtain an access token that can be used to get your data from the Phin API.
Body Reference
| Field |
Type |
Example |
| client_id |
string |
“ZzyourClientIdzZ” |
| client_secret |
string |
“superSecretString” |
| audience |
constant string |
"https://public.api.phinsec.io" |
| grant_type |
constant string |
"client_credentials" |
Body Sample
{
"client_id":"YOUR_CLIENT_ID",
"client_secret":"YOUR_CLIENT_SECRET",
"audience":"<https://public.api.phinsec.io>",
"grant_type":"client_credentials"
}
Response Reference
| Field |
Type |
Example |
| access_token |
string |
“eyBbase64EncodedString” |
| expires_in |
number (seconds) |
86400 |
| token_type |
string |
Bearer |
Response Sample
{
"access_token": "YOUR_ACCESS_TOKEN",
"expires_in": 86400,
"token_type": "Bearer"
}
Error Reference
| Code |
Message |
Explanation |
| 403 |
unauthorized_client |
You probably spelled “client_credentials” improperly in the “grant_type” |
| 403 |
access_denied |
You may have not spelled the “audience” properly |
| 403 |
Unauthorized |
You have incorrectly entered the client_id or client_secret |
