# OAuth Token

***

## OAuth Token Usage

All Valify Service APIs use **OAuth 2.0** as the authentication mechanism.

* An **access token** is valid for **10 minutes** from the time it is generated.
* Each token can be used for up to **3 API calls** within this 10-minute window.
* A new token is only required if **either**:
  * The token has been used **3 times**, **or**
  * The **10-minute validity period** has expired.

> ⚠️ Avoid requesting a new token for every API call. Instead, reuse the same token until it reaches **3 uses** or **expires after 10 minutes.**

## OAuth Token

<mark style="color:green;">`POST`</mark> `https://valifystage.com/api/o/token/`

#### Headers

| Name         | Type   | Description                       |
| ------------ | ------ | --------------------------------- |
| Content-Type | string | application/x-www-form-urlencoded |

#### Request Body

| Name           | Type   | Description |
| -------------- | ------ | ----------- |
| username       | string |             |
| password       | string |             |
| client\_id     | string |             |
| client\_secret | string |             |
| grant\_type    | string | password    |

{% tabs %}
{% tab title="✅ 200 Success" %}

```python
{
    'access_token': '********************************', 
    'expires_in': 600, #10 Minutes
    'token_type': 'Bearer', 
    'scope': '<given_score_permission>', 
    'refresh_token': '********************************'
}
```

{% endtab %}
{% endtabs %}

{% tabs %}
{% tab title="🐍Python 3" %}

```python
import requests

r = requests.post("https://valifystage.com/api/o/token/",
        data={
            'username': '<username>', # Place your data here
            'password': '<password>', 
            'client_id': '<client id>',  
            'client_secret': '<client secret>', 
            'grant_type': 'password'
        }
    )

print(r.json())
```

{% endtab %}
{% endtabs %}

## <mark style="color:blue;">Postman Package</mark>

{% file src="<https://content.gitbook.com/content/mzgYXwSfAFtfOUAPpKlY/blobs/xNRiUsqUKxt4B3DVk40c/Access%20Token.postman_collection.json>" %}
ACCESS TOKEN
{% endfile %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://valify.gitbook.io/documentation/apis/oauth-token.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.