Request Token

Returns a bearer token needed for all Customer Consent Management Dashboard API requests.

Each token expires in five minutes. A fresh token must be requested after expiration or revocation.

This request requires a client_id and client_secret in the header. Only admins can view, generate, and rotate credentials. The body of the request must include the consent_management scope and the customerId which matches the openid_connect_user_id. To manage credentials in the Data Provider Portal, go to Configuration > Consent Dashboard Management and select Generate API credentials.

POST

/api/{version}/token

Path Parameters

Field Required Type

Field	Required	Type
version API version. Indicates which FDX version is in use. Default value = `v4`.	Required	String

version

API version. Indicates which FDX version is in use. Default value = v4.

Required

String

Body Parameters

Field	Required	Type

type For Consent Management, `type` must be `consent_management`.	Required	String

scopes Include `customer.modify_consent:{customer_id}`. The {customer_id} is the customer's `openid_connect_user_id`.	Required	String

Request sample

Language:shell


_10curl -L -g -X POST 'http://{{baseurl}}/api/{{version}}/token' \
_10-H 'Content-Type: application/json' \
_10-H 'Accept: application/json' \
_10-H 'Authorization: Basic BASE_64_ENCODING_OF{client_id:client_secret}' \
_10--data-raw '{"type":"consent_management","scopes":"customer.modify_consent:{customer_id}"}'

Response sample

200

Language:json


_10{
_10    "access_token": "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjoiY29uc2VudF9tYW5hZ2VtZW50Iiwic2NvcGVzIjp7ImN1c3RvbWVyLm1vZGlmeV9jb25zZW50IjoiZk43U3NJTWZKdkpKY05qS0JtQjZLZyJ9LCJleHAiOjE3NDYxNDM1MTMsImlhdCI6MTc0NjE0MzIxMywianRpIjoiYmQ0MWY3N2UtNjg4NC00MThjLTg2ZTAtM2JiMGRiYzEyYTc3IiwiX3R5cGUiOiJJbnN0aXR1dGlvbiIsIl9pZCI6ImJrdSJ9.q9dvdMTW9kiKOSAeSNICoSWWKsmsCW4MEk85JQA9OWY"
_10}