Skip to main content

Create an access token



Create an access token using a Client ID and Client Secret.

Your Client ID is your HTTP basic authentication username, your Client Secret is your HTTP basic authentication password.

Your Client ID and Client Secrets are created by the SASE Service when you create a service account or reset your service account.

All access tokens created using this API have a lifetime of 15 minutes.



    grant_type stringrequired

    Possible values: [client_credentials]

    Access token grant type. This must always be client_credentials.

    scope string

    The scope of the access request. This must be the TSG ID for which you want to perform API access, and it must be formatted in the following way:

    "scope": "tsg_id:<TSG_ID>"

    If the service account that you use to authenticate this request does not have role access to the TSG specified in this scope, this API call will fail.


Returns an access token and access token metadata.

    access_token string

    The access token issued by the authorization server

    token_type string

    The type of the token issued (default bearer)

    expires_in integer

    The lifetime in seconds of the access token.

    scope string

    The scopes contained in the access token.