Get Access Token

Overview
Miden uses the OAuth 2.0 client credentials flow for API authentication. To call any protected endpoint, exchange your client_id and client_secret for a short-lived Bearer token, then include that token in the Authorization header of every subsequent request.
Request an access token
To obtain an access token, send a POST request to the token endpoint using Basic Authentication.
Your Client ID and Client Secret must be Base64 encoded and included in the Authorization header.
Token URL (sandbox)
Authentication method
The endpoint uses Basic Authentication:
Username | Client ID |
Password | Client Secret |
How to get your API credentials
1. Register
   Complete your sign-up and onboarding process using the registration link sent to the email address of your administrator.
2. Log in
   After onboarding, log in to your account using your email address, password and 2FA token.
3. Go to the ‘Settings’ page
   Next, click the ‘Settings’ icon at the top-right corner of your dashboard page.
4. Navigate to the ‘Developer’ page
   From your Settings page, click ‘Developer’ to navigate to the page.
5. Fetch API credentials
   Finally, fetch your API credentials from your Developer page.

- The credentials must be encoded and passed in the Authorization header: Authorization: Basic base64(client_id:client_secret)
- Ensure you have obtained your unique Client ID and Client Secret from your dashboard before using this endpoint.
- Replace {{tokenURL}} with the actual endpoint URL in your environment.
- Once you have the access_token, include it as a Bearer token in the Authorization header of every subsequent API request: Authorization: Bearer <access_token>
- For production credentials and endpoints, contact your account manager or onboarding team.
Headers
Content-Type | application/x-www-form-urlencoded |
Example Request
```csharp
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Text.Json.Serialization;

public class TokenApiResponse
{
    public bool IsSuccessful { get; set; } = false;
    public string Scope { get; set; }

    [JsonPropertyName("token_type")]
    public string TokenType { get; set; }

    [JsonPropertyName("expires_in")]
    public int ExpiresIn { get; set; }

    [JsonPropertyName("access_token")]
    public string AccessToken { get; set; }
}

class Program
{
    static async Task Main(string[] args)
    {
        // Replace with your actual values.
        // Keep real credentials out of source control.
        var clientId = "YOUR_CLIENT_ID";
        var clientSecret = "YOUR_CLIENT_SECRET";
        var tokenUrl = "{{tokenUrl}}";

        using var client = new HttpClient();

        // Encode credentials (clientId:clientSecret) in Base64
        var credentials = $"{clientId}:{clientSecret}";
        var base64Credentials = Convert.ToBase64String(
            Encoding.UTF8.GetBytes(credentials)
        );

        // Set headers
        client.DefaultRequestHeaders.Authorization =
            new AuthenticationHeaderValue("Basic", base64Credentials);

        try
        {
            var data = new[]
            {
                new KeyValuePair<string, string>("grant_type", "client_credentials"),
            };

            // FormUrlEncodedContent sets Content-Type: application/x-www-form-urlencoded
            var response = await client.PostAsync(
                tokenUrl,
                new FormUrlEncodedContent(data)
            );

            if (!response.IsSuccessStatusCode)
            {
                throw new Exception($"HTTP error: {response.StatusCode}");
            }

            var responseContent = await response.Content.ReadAsStringAsync();

            // Deserialize JSON into DTO
            var tokenResponse = JsonSerializer.Deserialize<TokenApiResponse>(
                responseContent,
                new JsonSerializerOptions
                {
                    PropertyNameCaseInsensitive = true
                }
            );

            if (tokenResponse == null)
            {
                throw new Exception("Failed to deserialize token response.");
            }

            tokenResponse.IsSuccessful = true;

            // Printed for demonstration only; do not write tokens to logs in real code.
            Console.WriteLine($"Access token: {tokenResponse.AccessToken}");
        }
        catch (Exception ex)
        {
            Console.WriteLine($"Error fetching token: {ex.Message}");
        }
    }
}
```

```javascript
// If using Node <18, install node-fetch:
// npm install node-fetch
// const fetch = require("node-fetch");

// Replace with your actual values.
// Keep real credentials out of source control.
const clientId = "YOUR_CLIENT_ID";
const clientSecret = "YOUR_CLIENT_SECRET";
const tokenUrl = "{{tokenUrl}}";

// DTO-style structure
class TokenApiResponse {
  constructor(data) {
    this.isSuccessful = false;
    this.scope = data.scope;
    this.token_type = data.token_type;
    this.expires_in = data.expires_in;
    this.access_token = data.access_token;
  }
}

async function fetchToken() {
  try {
    // Encode credentials (clientId:clientSecret) in Base64
    const credentials = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");

    const response = await fetch(tokenUrl, {
      method: "POST",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded",
        "Authorization": `Basic ${credentials}`,
      },
      body: new URLSearchParams({
        grant_type: "client_credentials",
      }),
    });

    if (!response.ok) {
      throw new Error(`HTTP error: ${response.status}`);
    }

    const json = await response.json();

    // Map response to DTO
    const tokenResponse = new TokenApiResponse(json);
    tokenResponse.isSuccessful = true;

    // Printed for demonstration only; do not write tokens to logs in real code.
    console.log("Access token:", tokenResponse.access_token);
    return tokenResponse;
  } catch (error) {
    console.error("Error fetching token:", error.message);
    return null;
  }
}

// Execute
fetchToken();
```
Status Codes
200 | OK | Successful token retrieval. |
400 | Bad request | Invalid request parameters. |
401 | Unauthorized | Invalid Client ID or Client Secret. |
403 | Forbidden | Your credentials are valid but your account does not have permission to access this resource. Contact support if you believe this is an error. |
405 | Method Not Allowed | Unsupported HTTP method. |
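
The Overview describes the token as short-lived and the response carries expires_in, so a client can reuse one token until shortly before it expires instead of sending the Client Secret on every call. The following is an added example, not Miden's own code: it caches the token, shares one in-flight request among concurrent callers, refuses a non-HTTPS token URL, and reports failures by status code only. createTokenProvider, buildTokenRequest, fetchImpl, now and skewSeconds are hypothetical names, and the 30-second refresh margin is an assumption.

```javascript
// Added example: cache the Bearer token and refresh it shortly before expiry.
// All function and option names here are hypothetical, not part of the API.
function buildTokenRequest(clientId, clientSecret) {
  const basic = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
  return {
    method: "POST",
    headers: {
      "Content-Type": "application/x-www-form-urlencoded",
      Authorization: `Basic ${basic}`,
    },
    body: new URLSearchParams({ grant_type: "client_credentials" }).toString(),
  };
}

function createTokenProvider({ tokenUrl, clientId, clientSecret,
    fetchImpl = fetch, now = Date.now, skewSeconds = 30 }) {
  // Basic auth only Base64-encodes the secret, so refuse cleartext transport.
  if (new URL(tokenUrl).protocol !== "https:") {
    throw new Error("token URL must use https");
  }
  let cached = null;   // { token, expiresAt } with expiresAt in epoch milliseconds
  let inFlight = null; // shared promise so concurrent callers trigger one request

  async function requestToken() {
    const res = await fetchImpl(tokenUrl, buildTokenRequest(clientId, clientSecret));
    if (!res.ok) {
      // Report the status only; never echo credentials or response bodies.
      throw new Error(`token request failed with HTTP ${res.status}`);
    }
    const json = await res.json();
    if (typeof json.access_token !== "string" || !(json.expires_in > 0)) {
      throw new Error("token response missing access_token or expires_in");
    }
    cached = {
      token: json.access_token,
      expiresAt: now() + (json.expires_in - skewSeconds) * 1000,
    };
    return cached.token;
  }

  // Returns the value for the Authorization header of an API request.
  return async function getAuthorizationHeader() {
    if (!cached || now() >= cached.expiresAt) {
      inFlight = inFlight || requestToken().finally(() => { inFlight = null; });
      return `Bearer ${await inFlight}`;
    }
    return `Bearer ${cached.token}`;
  };
}
```

A 401 or 403 from the token endpoint surfaces as a thrown error carrying only the status code, so the caller can tell bad credentials from a permissions problem without the secret reaching a log.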