Skip to main content
POST
/
oauth
/
token
Create Auth Token to Initialise the SDK
curl --request POST \
  --url https://sandbox.cashfree.com/verification/oauth/token \
  --header 'Content-Type: application/json' \
  --header 'x-client-id: <api-key>' \
  --header 'x-client-secret: <api-key>' \
  --data '
{
  "app_id": "<string>",
  "product": "VKYC",
  "metadata": {
    "vkyc_request_id": 249749
  },
  "authenticated_user": {
    "identifier_type": "mobile",
    "identifier_value": 9909490494
  }
}
'
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "expires_at": "2024-02-02 17:30:00 IST"
}

Authorizations

x-client-id
string
header
required

Client ID. You can find your ID in the Merchant Dashboard.

x-client-secret
string
header
required

Client secret key. You can find your secret key in the Merchant Dashboard.

Headers

x-cf-signature
string

Send the signature if IP is not whitelisted.

Body

application/json

Request payload for create auth token to initialise the SDK.

app_id
string

The OAuth App ID generated in the Merchant Dashboard for the specific product.

Example:

"<string>"

product
string

The product for which the authentication token is generated.

Example:

"VKYC"

metadata
object

The metadata associated with the authentication token.

authenticated_user
object

The identifier of the authenticated user.

Response

Success response for generating an authentication token required to initialize the SDK.

expiry
string

The expiration date and time for the access token.

Example:

"2025-05-05T18:01:05+05:30"

access_token
string

It displays the the access token value.

Example:

"mH5tVmtwod4J9GhCXwTuygd2zRZn4pj5"