API ReferenceapiidentityPOST /v1/oauth/token

POST /v1/oauth/token

Service: identity · operationId: (none)

OAuth 2.1 token endpoint — exchange code or refresh token

Required scopes

(no scope declared — review service config)

Responses

200 Tokens issued

{
  "type": "object",
  "properties": {
    "access_token": {
      "type": "string",
      "description": "Opaque access token (lph_at_*)"
    },
    "token_type": {
      "type": "string",
      "enum": [
        "Bearer"
      ]
    },
    "expires_in": {
      "type": "integer",
      "description": "Token lifetime in seconds"
    },
    "refresh_token": {
      "type": "string",
      "description": "Opaque refresh token (lph_rt_*)"
    },
    "scope": {
      "type": "string",
      "description": "Space-separated granted scopes"
    },
    "id_token": {
      "type": "string",
      "description": "OIDC id_token JWT (when openid scope)"
    }
  },
  "required": [
    "access_token",
    "token_type",
    "expires_in",
    "refresh_token",
    "scope"
  ]
}

400 Invalid request

{
  "type": "object",
  "properties": {
    "error": {
      "type": "string",
      "description": "OAuth 2 error code (RFC 6749 §5.2)"
    },
    "error_description": {
      "type": "string",
      "description": "Human-readable error message"
    },
    "error_uri": {
      "type": "string",
      "description": "URI for more info"
    }
  },
  "required": [
    "error",
    "error_description"
  ]
}

401 Invalid client or credentials

{
  "type": "object",
  "properties": {
    "error": {
      "type": "string",
      "description": "OAuth 2 error code (RFC 6749 §5.2)"
    },
    "error_description": {
      "type": "string",
      "description": "Human-readable error message"
    },
    "error_uri": {
      "type": "string",
      "description": "URI for more info"
    }
  },
  "required": [
    "error",
    "error_description"
  ]
}

403 Scope or permission denied

{
  "type": "object",
  "properties": {
    "error": {
      "type": "string",
      "description": "OAuth 2 error code (RFC 6749 §5.2)"
    },
    "error_description": {
      "type": "string",
      "description": "Human-readable error message"
    },
    "error_uri": {
      "type": "string",
      "description": "URI for more info"
    }
  },
  "required": [
    "error",
    "error_description"
  ]
}

Example

curl -X POST https://identity.platform.loop.health/v1/oauth/token \
  -H "Authorization: Bearer $ACCESS_TOKEN"