> ## Documentation Index
> Fetch the complete documentation index at: https://docs.blnkfinance.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get access token

> Exchange an authorization code for an access token using the OAuth authorization code flow.

Exchange an authorization code for an access token. Use this endpoint after the user authorizes your app and you receive an authorization code.

***

### Request structure

<RequestExample>
  ```bash cURL theme={"system"}
  curl -X POST https://api.cloud.blnkfinance.com/oauth/token \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -u "YOUR_CLIENT_ID:YOUR_CLIENT_SECRET" \
    -d "grant_type=authorization_code" \
    -d "code=THE_CODE_FROM_REDIRECT" \
    -d "redirect_uri=https://your-app.com/oauth/callback"
  ```
</RequestExample>

<ParamField header="Authorization" type="string" required>
  Basic authentication using your OAuth client ID and client secret. Format: `Basic base64(client_id:client_secret)` or use `-u` flag in cURL.
</ParamField>

<ParamField body="grant_type" type="string" required>
  Must be `authorization_code` for this flow.
</ParamField>

<ParamField body="code" type="string" required>
  The authorization code received from the OAuth redirect after user authorization.
</ParamField>

<ParamField body="redirect_uri" type="string" required>
  The redirect URI that was used in the authorization request. Must match exactly.
</ParamField>

***

### Response structure

<ResponseExample>
  ```json Success theme={"system"}
  {
    "access_token": "blnk_at_...",
    "token_type": "Bearer",
    "expires_in": 3600,
    "refresh_token": "blnk_rt_...",
    "scope": "data:read data:write proxy:write"
  }
  ```
</ResponseExample>

<ResponseField name="access_token" type="string" required>
  The access token to use for authenticating API requests. Include in the `Authorization: Bearer <access_token>` header.
</ResponseField>

<ResponseField name="token_type" type="string" required>
  Always `Bearer` for access tokens.
</ResponseField>

<ResponseField name="expires_in" type="integer" required>
  Number of seconds until the access token expires.
</ResponseField>

<ResponseField name="refresh_token" type="string" required>
  Token used to obtain a new access token when the current one expires.
</ResponseField>

<ResponseField name="scope" type="string" required>
  Space-separated list of scopes granted to this token.
</ResponseField>

***

## Need help?

We are very happy to help you make the most of Blnk, regardless of whether it is your first time or you are switching from another tool.

To ask questions or discuss issues, please [contact us](mailto:support@blnkfinance.com) or [join our Discord community](https://discord.gg/7WNv94zPpx).

**Need help with your product?**

Get dedicated support for architecture reviews, integration planning, ledger workflows, and production deployment.