The Client Token is a type of token that will allow the client application (Client) to access certain protected resources, request access to the login, register pages, etc.

The valid period of a Client Token is 1600 seconds (1 hour). If a Client Token has expired, a new one must be requested.

Endpoint URL:

 POST https://{}/oauth2/token

Request parameters

grant_typeThe value must be set to client_credentialsstring
client_idClient identifier of your app obtained via cockpit panel.string
client_secretSecret key of your app obtained via cockpit panel.string

cURL Request example


Once the server checks that the parameters are correct, it will return the client_token accompanied by its expiry data.

  • access_token (although the return value is called access_token, it is the Client Token): token with which to access certain protected resources.
  • expires_in: seconds, from the time it is created, in which the client_token will cease to be valid.
  • expires_at: date in milliseconds (from 01-01-1970) on which the client_token ceases to be valid.