> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://docs.perkss.io/llms.txt.
> For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://docs.perkss.io/_mcp/server.

# Api Token Exchange

POST /api/v1/auth/token
Content-Type: application/json

Reference: https://docs.perkss.io/api-reference/perkss-partner-api/auth/api-token-exchange

## OpenAPI Specification

```yaml
openapi: 3.1.0
info:
  title: v1
  version: 1.0.0
paths:
  /api/v1/auth/token:
    post:
      operationId: ApiToken_exchange
      summary: Api Token Exchange
      tags:
        - auth
      parameters:
        - name: authorization
          in: header
          required: true
          schema:
            type: string
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Auth_ApiToken_exchange_Response_200'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TokenExchangeDto'
components:
  schemas:
    TokenExchangeDto:
      type: object
      properties:
        grant_type:
          type: string
          description: OAuth 2.0 grant type — only client_credentials is supported.
        client_id:
          type: string
          description: The API key id shown in the CMS key list.
        client_secret:
          type: string
          description: >-
            The API key secret (perkss_sk_live_…) shown exactly once at
            creation. May alternatively be sent via HTTP Basic authentication.
        ttl_seconds:
          type: string
          description: >-
            Requested token lifetime in seconds, clamped to [60, 86400].
            Defaults to 86400 (24h). Use short TTLs for browser-bound tokens.
      required:
        - grant_type
      title: TokenExchangeDto
    Auth_ApiToken_exchange_Response_200:
      type: object
      properties: {}
      description: Empty response body
      title: Auth_ApiToken_exchange_Response_200

```

## Examples



**Request**

```json
{
  "grant_type": "client_credentials"
}
```

**Response**

```json
{}
```

**SDK Code**

```python
import requests

url = "https://api.example.com/api/v1/auth/token"

payload = { "grant_type": "client_credentials" }
headers = {
    "authorization": "authorization",
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.json())
```

```javascript
const url = 'https://api.example.com/api/v1/auth/token';
const options = {
  method: 'POST',
  headers: {authorization: 'authorization', 'Content-Type': 'application/json'},
  body: '{"grant_type":"client_credentials"}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}
```

```go
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://api.example.com/api/v1/auth/token"

	payload := strings.NewReader("{\n  \"grant_type\": \"client_credentials\"\n}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("authorization", "authorization")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
```

```ruby
require 'uri'
require 'net/http'

url = URI("https://api.example.com/api/v1/auth/token")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["authorization"] = 'authorization'
request["Content-Type"] = 'application/json'
request.body = "{\n  \"grant_type\": \"client_credentials\"\n}"

response = http.request(request)
puts response.read_body
```

```java
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;

HttpResponse<String> response = Unirest.post("https://api.example.com/api/v1/auth/token")
  .header("authorization", "authorization")
  .header("Content-Type", "application/json")
  .body("{\n  \"grant_type\": \"client_credentials\"\n}")
  .asString();
```

```php
<?php
require_once('vendor/autoload.php');

$client = new \GuzzleHttp\Client();

$response = $client->request('POST', 'https://api.example.com/api/v1/auth/token', [
  'body' => '{
  "grant_type": "client_credentials"
}',
  'headers' => [
    'Content-Type' => 'application/json',
    'authorization' => 'authorization',
  ],
]);

echo $response->getBody();
```

```csharp
using RestSharp;

var client = new RestClient("https://api.example.com/api/v1/auth/token");
var request = new RestRequest(Method.POST);
request.AddHeader("authorization", "authorization");
request.AddHeader("Content-Type", "application/json");
request.AddParameter("application/json", "{\n  \"grant_type\": \"client_credentials\"\n}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
```

```swift
import Foundation

let headers = [
  "authorization": "authorization",
  "Content-Type": "application/json"
]
let parameters = ["grant_type": "client_credentials"] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://api.example.com/api/v1/auth/token")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error as Any)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
```