Skip to main content

Authentication

Our APIs use OAuth 2.0 to authenticate clients.

Creating an Access Token

The OAuth token exchange flow will differ depending on the API you're using. See the OAuth App API Authentication and Partner API Authentication docs for more details.

Refreshing an Access Token

Access tokens expire after one hour. You can generate a new one using the method above or by using the refresh_token grant_type with the refresh token you obtained from a previous call to /v0/auth/token.

Note: both methods generate a new access_token.

Request
{
  method: 'POST',
  url: 'https://api.firstdollar.com/v0/auth/token',
  headers: {'Content-Type': 'application/json'},
  data: {
    grant_type: 'refresh_token',
    refresh_token: '<your-refresh-token>'
  }
}
Sample Response
{
  "access_token": "<access-token>",
  "refresh_token": "<refresh-token>",
  "expires_in": 3600
}

Providing the Access Token on API Requests

Request
{
  method: 'POST',
  url: 'https://api.firstdollar.com/graphql',
  headers: {
    'Content-Type': 'application/json',
    Authorization: 'Bearer <access-token>',
  },
  data: {
    query: '{ ... }',
    variables: { ... },
  }
}