Client Credentials
The client_credentials
grant supports 2 use cases:
- Generating a token for creating, deleting, reading users or updating consent on a connection that have been created using your oauth client credentials The scopes that can be requested are
user:create
,user:read
,user:update
anduser:delete
- Generating a token to access a specific user’s data (e.g. accounts, transactions). The
sub
query parameter is required - Access tokens issued through the
client_credentials
grant expire after 7200 seconds (2 hours). To maintain secure access, ensure your application handles token expiration properly.
To get a client credentials token, you'll need to call our /token
end point - see our authentication documentation for how to authenticate against this end point - and pass in the following body, along with any authentication fields specified in the authentication document:
Field | Type | Description |
---|---|---|
grant_type | string | Will always be client_credentials for this instance |
scope | string | The scopes you wish to request for the access token |
Example of a client_credentials grant for data access
// @mft/moneyhub-api-client
const {access_token} = await moneyhub.getClientCredentialTokens({
scope: "accounts:read transactions:read:all",
userId: "example-user-id"
})
Updated 8 months ago