Create Token
Pending
POST
https://api.mpc.dev.placewise.com/v3/{loyalty_club_slug}/members/oauth/token
API Permit:BL:Api:Members:OAuth
API Context:Loyalty Club
Authorizations:Token
password - token is issued by providing Password,see: Creating token with password grant
external_token - token is issued by social provider oauth token such as google or apple,see: Creating token with external token
refresh_token - token is issued by providing refresh token obtained from password grant type,see: Refreshing token
Body Parameters
| Parameter | Description | Type | For grant type |
|---|---|---|---|
| grant_type | type of grant | enum: password, refresh_token, external_token | - |
| identifier_type | identifier type that user should be retrieved by | enum: id, email, msisdn | password |
| identifier | value of member identifier | mixed (e.g. 134123123, +47123456789 or alice@example.com) | password |
| password | member password, One-Time-Password or Registration Password | string | password |
| external_token | member external_token, External Token | string | external_token |
| external_token_type | member external_token type, allowed values: [google apple] | string | external_token |
| refresh_token | refresh token | string | access_token |
Password
password types, depending on Loyalty Club setup:may be used to sign in the user right after registration, without sending additional OTP
Response Body
| Key | Description | Type |
|---|---|---|
| access_token | Token that member can be authenticated with | string |
| token_type | Always "bearer" | string |
| expires_in | Seconds for how long token will be valid | integer (seconds) |
| refresh_token | Token that may be used to issue a new :access_token | string |
| created_at | When the token has been created | integer (timestamp) |
| resource_owner_id | ID of member that the token has been for | integer |
access_token that is valid for 24 hours - may be used to authenticate member in member-related actions (see: OAuth).refresh_token which is valid for 1 year - may be used to get a new access token (with refresh_token grant)resource_owner_id is returned, it is an ID of member that the token has been issued for.Error Responses
| Status | Reason |
|---|---|
461 | Invalid member credentials provided for password grant. Either member could not be found or password is wrong |
462 | Invalid refresh_token provided for refresh_token grant (may be expired) |
463 | Invalid external_token provided for external_token grant |
Example
Creating token with password grant
"grant_type": "password" should be given along with member credentials.Creating token with external_token grant
"grant_type": "external_token" should be given along with member credentials.Refreshing token with refresh_token grant
refresh_token grant.grant_type: "refresh_token" must be provided along with refresh_token: ":refresh_token".password or external_id grant, but with new tokens.{
"access_token": "af9e5361cd7e083dfa4132df3ea7ab82fac21496991632a9994a8c2a9f33884f",
"token_type": "bearer",
"expires_in": 86400,
"refresh_token": "36c636e4290d28488a13691afce351397bec21b1246c2c7896a8262d9bfbc4c4",
"created_at": 1506523094,
"resource_owner_id": 42
}Request
Path Params
loyalty_club_slug
stringÂ
required
Example:
infinity-mall
Header Params
X-Loyalty-Club-Slug
stringÂ
required
Default:
{{LOYALTY_CLUB_SLUG}}
X-Client-Authorization
stringÂ
optional
Default:
{{API_TOKEN}}
Body Params application/json
Request samples
Responses
Modified at 2025-01-27 12:57:53