Hosted OAuth - Token exchange
POST {{baseUrl}}/v3/connect/token
The standard OAuth token endpoint for use with Hosted authentication.
- authorization_code: Exchange code returned from OAuth 2.0 authorization with tokens (access_token & refresh_token).
- refresh_token: Issue a new access_token using refresh_token
Learn More:
- Hosted authentication with OAuth and access token
- Hosted OAuth with access token and PKCE
Note that if you set grant_type to refresh_token you must include the client_secret. The client_secret is optional only if you are using PKCE and it's the initial one-time code exchange step (grant_type is set to authorization_code).
Request Body
{"code"=>"{{code}}", "client_id"=>"{{nylas_client_id}}", "client_secret"=>"{{nylas_client_secret}}", "redirect_uri"=>"{{redirect_uri}}", "grant_type"=>"authorization_code"}
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Content-Type | string | ||
Accept | string |
RESPONSES
status: OK
{"access_token":"\u003cstring\u003e","expires_in":3600,"id_token":"\u003cstring\u003e","refresh_token":"\u003cstring\u003e","scope":"\u003cstring\u003e","token_type":"\u003cstring\u003e","grant_id":"\u003cstring\u003e"}