Authentication

OAuth 2.0 authentication endpoints

Get OAuth Access Token

POST /v1/oauth/token

OAuth 2.0 Client Credentials flow endpoint.

Two authentication methods are supported:

  1. Standard OAuth (client_secret):

    • Include client_secret in request body

    • No additional headers needed

  2. mTLS OAuth (RFC 8705 - certificate replaces secret):

    • Include X-Client-Cert header with base64-encoded certificate

    • Omit client_secret from request body

    • Certificate authenticates the client instead of secret

Token lifetime: 1 hour

Verification: Fast local JWT verification (<1ms)

Header parameters
X-Client-Cert · string · byte · Optional

For mTLS clients only (RFC 8705): Base64-encoded client certificate in PEM format.

When provided, certificate replaces client_secret for authentication.

Example:

LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURE...

To encode your certificate:

base64 -w 0 client.crt

Body
grant_type · string · enum · Required

OAuth grant type (must be client_credentials)

Possible values:
client_id · string · Required

Your OAuth client identifier

client_secret · string · Optional

Your OAuth client secret.

Required for standard OAuth clients. Omit for mTLS clients - certificate authenticates instead.

Responses
200

Access token issued successfully

application/json
POST /v1/oauth/token HTTP/1.1
Host: enterprise.bitmind.ai
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 105

grant_type=client_credentials&client_id=dae11660b4da11f08a03cb03e6b22977&client_secret=your-client-secret

{
  "access_token": "eyJhbGciOiJSUzI1NiJ9...",
  "token_type": "Bearer",
  "expires_in": 3600
}
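
An added example (not code from this API's own documentation) that builds the token request for either method and enforces the rules above on the client side: exactly one credential, no client_secret in the body when X-Client-Cert is sent, and an unwrapped base64 header value. The helper name, the HTTPS check and the private-key check are assumptions of this example, and the sample certificate bytes are constructed.

```python
import base64
import urllib.parse
import urllib.request

# Host and path as shown on this page.
TOKEN_URL = "https://enterprise.bitmind.ai/v1/oauth/token"

# Constructed placeholder, not a real certificate.
SAMPLE_PEM = b"-----BEGIN CERTIFICATE-----\nMIIDconstructed\n-----END CERTIFICATE-----\n"


def build_token_request(client_id, client_secret=None, cert_pem=None, url=TOKEN_URL):
    """Build (without sending) the client-credentials token request.

    Hypothetical helper: exactly one of client_secret / cert_pem is accepted,
    mirroring the rule that the certificate replaces the secret for mTLS clients.
    """
    if (client_secret is None) == (cert_pem is None):
        raise ValueError("provide exactly one of client_secret or cert_pem")
    if not url.lower().startswith("https://"):
        raise ValueError("credentials must only be sent over HTTPS")

    form = {"grant_type": "client_credentials", "client_id": client_id}
    headers = {"Content-Type": "application/x-www-form-urlencoded"}

    if cert_pem is not None:
        if b"-----BEGIN CERTIFICATE-----" not in cert_pem:
            raise ValueError("expected a PEM-encoded certificate")
        if b"PRIVATE KEY-----" in cert_pem:
            # Combined PEM bundles often carry the key; it must never leave the client.
            raise ValueError("input contains a private key; pass the certificate only")
        # Equivalent to `base64 -w 0 client.crt`: one unwrapped line, so the
        # value contains no CR/LF and is safe to place in a header.
        headers["X-Client-Cert"] = base64.b64encode(cert_pem).decode("ascii")
    else:
        form["client_secret"] = client_secret

    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


if __name__ == "__main__":
    for req in (build_token_request("example-client", client_secret="your-client-secret"),
                build_token_request("example-client", cert_pem=SAMPLE_PEM)):
        print(req.get_method(), req.full_url, dict(req.header_items()), req.data.decode())
```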
