# Generate Token

**Method:** `POST`

**Path:** `/api/auth/v1/token`

**Category:** Authentication

## Description

Generate an API access token using client credentials.
This token is required in the Authorization header for all other API calls.
This API is authenticated using the client secret provided in the request body.


## Request Body

Content-Type: `application/json`

- `client_id` (`string`) **required** — Unique client identifier provided during merchant onboarding.
- `client_secret` (`string`) **required** — Client secret key provided during merchant onboarding.
- `grant_type` (`string`) **required** — OAuth2 grant type.

### Example Request

```json
{
  "client_id": "a17ce30e-f88e-4f81-ada1-c3b4909ed232",
  "client_secret": "abcdefgwei7egyhuggwp39w8rh",
  "grant_type": "client_credentials"
}
```

## Responses

- `200` — Token generated successfully.
- `405` — Method not allowed.
- `422` — Unprocessable entity.
- `500` — 

### Response Schema

- `access_token` (`string`) — The access token generated by the system. Use in Authorization headers.
- `expires_at` (`string`) — Access token expiration timestamp in ISO 8601 format.

### Example Response

```json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "expires_at": "2024-06-28T13:26:06.909140Z"
}
```

---

Reference: https://localhost:3000/api/authentication/generate-token