Create V2 Access Token
V2 Token Endpoint - Use this endpoint for most current Candescent APIs (Accounts, Alerts, Banking Images, Disclosures, Money Movement, Transactions).
Issues OAuth 2.0 access tokens for authenticated API access via the Candescent Developer Console.
Supported Grant Types:
- client_credentials: Institution-level access without user context. Subsequent API calls require
hostUserIdorloginIdas query parameter. - password: User-level access with username and password. Returns both access token and refresh token.
- authorization_code: (Internal use) For OpenID Connect flows.
- refresh_token: Obtain new access token using a previously issued refresh token.
Authentication: Use HTTP Basic Auth with client_id as username and client_secret as password.
Note: For legacy V1 APIs (Send Event, Destinations, Get FI Customer, Register User), use the V1 token endpoint (POST /v1/oauth/token) instead.
Request
Responses
- 200
- 400
- 401
- 403
- 500
Successfully generated the access token.
Response Headers
Unique identifier for the response, used to correlate with the request's transactionId.
Returned when the request is syntactically incorrect or contains invalid parameters. Common causes include missing required headers, malformed body, or unsupported grant types.
Response Headers
Unique identifier for the response, used to correlate with the request's transactionId.
Returned when client authentication fails due to missing or invalid credentials. Ensure that client_id and client_secret are correctly provided via HTTP Basic Auth.
Response Headers
Unique identifier for the response, used to correlate with the request's transactionId.
Returned when the authenticated client is not authorized to perform the requested operation. This may occur due to insufficient privileges or access restrictions.
Response Headers
Unique identifier for the response, used to correlate with the request's transactionId.
Returned when the server encounters an unexpected condition that prevents it from fulfilling the request. Retry the request or contact support if the issue persists.
Response Headers
Unique identifier for the response, used to correlate with the request's transactionId.