Client Credentials

The client_credentials grant supports 2 use cases:

  • Generating a token for creating, deleting, reading users or updating consent on a connection that have been created using your oauth client credentials The scopes that can be requested are user:create, user:read, user:update and user:delete
  • Generating a token to access a specific user’s data (e.g. accounts, transactions). The sub query parameter is required
  • Access tokens issued through the client_credentials grant expire after 7200 seconds (2 hours). To maintain secure access, ensure your application handles token expiration properly.

To get a client credentials token, you'll need to call our /token end point - see our authentication documentation for how to authenticate against this end point - and pass in the following body, along with any authentication fields specified in the authentication document:

FieldTypeDescription
grant_typestringWill always be client_credentials for this instance
scopestringThe scopes you wish to request for the access token

Example of a client_credentials grant for data access

// @mft/moneyhub-api-client
const {access_token} = await moneyhub.getClientCredentialTokens({
  scope: "accounts:read transactions:read:all",
  userId: "example-user-id"
})