Skip to content
RallyHere Docs

Oauth Token Exchange

POST
/users/v1/oauth/token

Exchange an authorization_code from the /users/v1/oauth/response/{platform} endpoint for an access token and refresh token.

Authorizations

Parameters

Header Parameters

user-agent
string
x-forwarded-for
string

Request Body required

OAuth token exchange request.

object
grant_type
required

Grant type for the OAuth exchange.

string
Allowed values: authorization_code
code
required

Authorization_code for the OAuth exchange.

string
>= 1 characters
accepted_eula

If true, the user has accepted the EULA.

boolean
accepted_tos

If true, the user has accepted the TOS.

boolean
accepted_privacy_policy

If true, the user has accepted the Privacy Policy.

boolean

Responses

200

Successful Response

OAuth token exchange response. Successful response will contain an access_token and refresh_token.

If the user has not accepted all required agreements, the response will contain the appropriate needs_* flags and a regenerated_code. The regenerated_code is an authorization_code that can be used after the user has accepted the required agreements.

object
access_token

Access token for the user.

string
refresh_token

Refresh token for the user.

string
needs_eula

If true, the user must accept the EULA before a token can be generated.

boolean
needs_tos

If true, the user must accept the TOS before a token can be generated.

boolean
needs_privacy_policy

If true, the user must accept the Privacy Policy before a token can be generated.

boolean
regenerated_code

If present, a new code was generated and can be used after the user accepts the required agreements.

string
error_message

Error message if an error occurred.

string

403

Error Codes:

  • authorization_code_not_found: Authorization code not found or expired
object
auth_success
boolean
default: true
error_code
required
string
desc
required
string

422

Validation Error

object
detail
Array<object>
object
loc
required
Array
msg
required
string
type
required
string