Generate or Refresh Token

post https://test-api.tbcbank.ge/xs2a-sandbox/openbanking/oauth/token

This method creates or refreshes the token depending on the body of the request.
For creating new token required parameters are: grant_type, auth_req_id, and client_id

For refreshing existing token required parameters are: grant_type, refresh_token, client_id

Form Data

user info to be filled

client_id

string

required

The client identifier issued to the client during the registration process

auth_req_id

string

It is the unique identifier to identify the authentication request (transaction) made by the Client

grant_type

required

When creating new token grant_type must be 'urn:openid:params:grant-type:ciba' or 'authorization_code', depending from where process was started.

If authorization initiated from authorize endpoint then the grant_type must be 'authorization_code'.
If authorization initiated from bc authorization endpoint, then the grant_type must be 'urn:openid:params:grant-type:ciba'

For refresh token grant_type must be 'refresh_token'

code-verifier

string

The code verifier for the PKCE request, that the app originally generated before the authorization request.

code

string

The client will send the authorization code it obtained in the redirect

refresh_token

string

refresh_token parameter used when refreshing the token

redirect_uri

string

The redirect URL that was used in the initial authorization request

Responses

Response body

object

access_token

string

Access tokens are credentials used to access protected resources. An access token is a string representing an authorization issued to the client. The string is usually opaque to the client. Tokens represent specific scopes and durations of access, granted by the resource owner, and enforced by the resource server and authorization server.

token_type

string

The access token type provides the client with the information required to successfully utilize the access token to make a protected resource request (along with type-specific attributes). The client MUST NOT use an access token if it does not understand the token type.

refresh_token

string

Refresh tokens are credentials used to obtain access tokens. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token becomes invalid or expires, or to obtain additional access tokens with identical or narrower scope (access tokens may have a shorter lifetime and fewer permissions than authorized by the resource owner). Issuing a refresh token is optional at the discretion of the authorization server.

refresh_token_issued_at

string

refresh token issued timestamp

refresh_token_expires_in

string

The lifetime in seconds of the access token. For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated. If omitted, the authorization server SHOULD provide the expiration time via other means or document the default value

refresh_count

integer

indicates how many times the token has been refreshed

scope

string

The authorization and token endpoints allow the client to specify the scope of the access request using the "scope" request parameter. In turn, the authorization server uses the "scope" response parameter to inform the client of the scope of the access token issued.

issued_at

string

refresh token last update timestamp

expires_in

string

current token expire seconds

Headers

object

X-Request-ID

uuid

ID of the request, unique to the call, as determined by the initiating party.

Language

URL


xxxxxxxxxx
1
curl --request POST \
2
     --url https://test-api.tbcbank.ge/xs2a-sandbox/openbanking/oauth/token \
3
     --header 'accept: application/json' \
4
     --header 'content-type: application/x-www-form-urlencoded' \
5
     --data grant_type=authorization_code

Click Try It! to start a request and see the response here! Or choose an example:

application/json

application/problem+json

200Success

400BadRequest

500Server Error