Exchange Token - Dintero Documentation

curl --request POST \ --url https://api.dintero.com/v1/accounts/{partner_id}/auth/exchange_token \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data ' { "account_id": "<string>" } '

Authorizations

Authorization

string

header

required

Bearer authentication (token authentication) should be used for accessing the API.

Use Get Token to get an access token for client credentials. Pass the token in the request header:

Authorization: Bearer {access_token}

where the access_token is JSON Web Tokens (JWT).

Path Parameters

partner_id

string<^[PT]{1}\d{3}00000$>

required

An id that uniquely identifies the partner account

Required string length: 9

Body

application/json

account_id

string<^[PT]{1}\d{8}$>

required

The account_id to create exchange access_token for

Response

Success

access_token

string

required

A JWT access token

Example:

"eyJhbGci...t7P4"

token_type

enum<string>

required

Available options:

Bearer

expires_in

integer

required

The lifetime in seconds of the access token. For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated.

Example:

86400

refresh_token

string

Token that can be used to request new tokens when the existing Access Token expire.

You can only get a Refresh Token if the Access Token used in the request has scope:

create:accounts:auth:refresh_token

and the grant-type is one of:

authorization_code
password

NOTE:

A Single-Page Application should not ever receive a Refresh Token, this information is sensitive and should not be exposed client-side in a browser.
Refresh token must be stored securely by an application since they allow a user to remain authenticated essentially forever.

Documentation Index

Authorizations

Path Parameters

Body

Response