Skip to main content
POST
/
oauth2
/
generate-token
OAuth Access Token Generation
curl --request POST \
  --url https://sandbox.cashfree.com/verification/oauth2/generate-token \
  --header 'Content-Type: application/json' \
  --header 'x-api-version: <x-api-version>' \
  --header 'x-client-id: <api-key>' \
  --header 'x-client-secret: <api-key>' \
  --data '
{
  "auth_code": "auth_code_value"
}
'
{
  "reference_id": 123456,
  "verification_id": "test_verification_id",
  "expiry": "2024-12-31T23:59:59Z",
  "access_token": "access_token_value"
}

Authorizations

x-client-id
string
header
required

Your unique client identifier issued by Cashfree. You can find this in your Merchant Dashboard.

x-client-secret
string
header
required

The secret key associated with your client ID. Use this to authenticate your API requests. You can find this in your Merchant Dashboard.

Headers

x-api-version
string
default:2024-12-01
required

API version to be used. Format is in YYYY-MM-DD.

Example:

"2024-12-01"

Body

application/json

Find the request parameters to Access Token Generation.

auth_code
string
required

This is the authcode for generating the access token. The SDK sends the callback using the redirect URL provided in the Merchant Dashboard while creating the app. The authcode will be included in the callback sent to the redirect URL.

Example:

"auth_code_value"

Response

Access Token Generation Response Body

verification_id
string

It displays the unique ID you created to identify the verification request in initiate OAuth request.

Example:

"test_verification_id"

reference_id
integer

It displays the unique ID created by Cashfree Payments for reference purposes. format: int64

Example:

123

expiry
string

The expiration date and time for the access token, in UTC format. Format - YYYY-MM-DDTHH:mm:ssZ.

Example:

"2024-12-31T23:59:59Z"

access_token
string

It displays the the access token value. Use this access token to get the user details in fetch user details API.

Example:

"access_token_value"