Exchange Code for Token

curl --request POST \
  --url 'https://sandbox.connect.hopae.com/api/v1/token' \
  --header 'Content-Type: application/json' \
  --data '{
    "grant_type": "authorization_code",
    "code": "auth_xyz",
    "client_id": "client123",
    "client_secret": "secret456"
  }'

{
  "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}

POST

api

token

curl --request POST \
  --url 'https://sandbox.connect.hopae.com/api/v1/token' \
  --header 'Content-Type: application/json' \
  --data '{
    "grant_type": "authorization_code",
    "code": "auth_xyz",
    "client_id": "client123",
    "client_secret": "secret456"
  }'

{
  "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Exchanges an authorization code for an ID token, following the OIDC standard. PKCE is supported.

Request Body

grant_type

string

default:"authorization_code"

required

Must be ‘authorization_code’.

code

string

required

The authorization code received after a successful verification.

client_id

string

required

Your application’s Client ID.

client_secret

string

required

Your application’s Client Secret. Required for confidential clients.

code_verifier

string

(Optional) The PKCE code verifier. Required if a codeChallenge was provided during verification creation.

Response

id_token

string

A JWT containing the user’s verified claims.

curl --request POST \
  --url 'https://sandbox.connect.hopae.com/api/v1/token' \
  --header 'Content-Type: application/json' \
  --data '{
    "grant_type": "authorization_code",
    "code": "auth_xyz",
    "client_id": "client123",
    "client_secret": "secret456"
  }'

{
  "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Cancel Verification

API Reference

Providers

Verifications

Token

Exchange Code for Token

Request Body

Response

API Reference

Providers

Verifications

Token

​Request Body

​Response

Request Body

Response