> **Source:** https://knowledge.leegality.com/sign-station/api/generate-token > **Site:** Leegality Knowledge Base — https://knowledge.leegality.com > **About:** Leegality is a document execution platform covering eSigning, stamps, NeSL, workflows, and REST API integration. > **Navigation:** Every article on this site has a plain-text version at `.txt` (this format). To get an index of all articles with their `.txt` links, read: https://knowledge.leegality.com/llms.txt > **AI Guide:** For instructions on how to navigate this knowledge base as an AI agent, read: https://knowledge.leegality.com/ai-readable.txt --- # POST /api/v1/auth/token — OAuth2 Client Token Authenticates an OAuth2 client using client ID and client secret credentials. This API is designed for machine-to-machine (M2M) communication and programmatic API access. Returns a JWT access token associated with the user linked to the OAuth2 client. The token contains the user's permissions and can be used to make API calls on behalf of that user. **Authentication:** `X-Auth-Token` header required on every request. ## Request URL ``` POST https://app1.leegality.com/api/api/v1/auth/token ``` **Environments:** - Production: `https://app1.leegality.com/api/api/v1/auth/token` - Sandbox: `https://sandbox.leegality.com/api/api/v1/auth/token` --- ## Request Body **Content-Type:** `application/json` | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `clientId` | string | Yes | The client ID issued to the client during the registration process. | `TestAPISecretKey` | | `clientSecret` | string | Yes | The client secret issued to the client during the registration process. | `7wHdO0PBqujt63lrlDwf-kbfrI3sKhjHf5-psnNj8-c` | ### Sample Request ```json { "clientId": "TestAPISecretKey", "clientSecret": "7wHdO0PBqujt63lrlDwf-kbfrI3sKhjHf5-psnNj8-c" } ``` --- ## Responses ### 200 — OK | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `code` | string | No | Response code indicating success or failure of the token request. | `LE_SS_301` | | `message` | string | No | A message providing additional information about the token request. | `Authentication successful.` | | `data` | TokenVO | No | See **TokenVO** below. | — | #### TokenVO | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `accessToken` | string | No | JWT token to use in Authorization header as 'Bearer ' | `eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBsZWVnYWxpdHkuY29tIiw` | | `tokenType` | string | No | Type of the token, typically "Bearer" for JWT tokens. | `Bearer` | | `expiresIn` | integer | No | Expiration time of the token in seconds. | `3600` | ### 400 — Invalid request - Client ID or Client Secret is blank | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `code` | string | No | Top-level error code | `LE_ERR_SS_400` | | `errors` | array\ | No | List of error details See **ErrorDetailToken400VO** below. | — | #### ErrorDetailToken400VO | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `message` | string | No | Detailed error message | `Invalid value for field [clientSecret], Client secret cannot` | | `path` | string | No | API path that generated the error | `/api/v1/auth/token` | ### 404 — OAuth2 Client not found | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `code` | string | No | Top-level error code | `LE_ERR_SS_404` | | `errors` | array\ | No | List of error details See **ErrorDetailToken404VO** below. | — | #### ErrorDetailToken404VO | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `message` | string | No | Detailed error message | `OAuth2 Client with client ID admin@leegality.com does not ex` | | `path` | string | No | API path that generated the error | `/api/v1/auth/token` | | `code` | string | No | Specific error code | `LE_ERR_SS_001` | ### 500 — Internal server error | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `code` | string | No | Top-level error code | `LE_ERR_SS_500` | | `errors` | array\ | No | List of error details See **ErrorDetailToken500VO** below. | — | #### ErrorDetailToken500VO | Field | Type | Required | Description | Example | |-------|------|----------|-------------|---------| | `message` | string | No | Detailed error message | `Internal Server Error` | | `path` | string | No | API path that generated the error | `null` | | `code` | string | No | Specific error code | `null` | ### Sample Response (200) ```json { "code": "LE_SS_301", "message": "Authentication successful.", "data": { "accessToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBsZWVnYWxpdHkuY29tIiwiaWF0IjoxNzY1NTI0NzA1LCJleHAiOjE3NjU1MjgzMDV9.v0dYZq57hlao2eHQY9l4bUxW6JnL3EUIpm21clU45F4", "tokenType": "Bearer", "expiresIn": 3600 } } ```