> ## Documentation Index
> Fetch the complete documentation index at: https://docs.saturnshift.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Get an access token

> Exchange your client credentials for a short-lived bearer token using the OAuth2 client_credentials grant. Send the credentials in the body (application/x-www-form-urlencoded) or as HTTP Basic auth. Tokens expire in 1 hour.



## OpenAPI

````yaml /openapi.json post /oauth/token
openapi: 3.0.3
info:
  title: SaturnShift Partner API
  version: 1.0.0
  description: >-
    Server-to-server API for partner PSPs to authenticate, read native crypto
    transactions and merchants, and receive webhooks. All endpoints are scoped
    to the authenticated institution.
servers:
  - url: https://api.saturnshift.io
    description: Production
security: []
tags:
  - name: Authentication
    description: OAuth2 client credentials.
  - name: Transactions
    description: Read native crypto transactions.
  - name: Merchants
    description: Read your merchants.
paths:
  /oauth/token:
    post:
      tags:
        - Authentication
      summary: Get an access token
      description: >-
        Exchange your client credentials for a short-lived bearer token using
        the OAuth2 client_credentials grant. Send the credentials in the body
        (application/x-www-form-urlencoded) or as HTTP Basic auth. Tokens expire
        in 1 hour.
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              required:
                - grant_type
                - client_id
                - client_secret
              properties:
                grant_type:
                  type: string
                  enum:
                    - client_credentials
                  example: client_credentials
                client_id:
                  type: string
                  example: ss_client_live_xxx
                client_secret:
                  type: string
                  example: ss_secret_live_xxx
                scope:
                  type: string
                  description: Optional space-separated subset of your granted scopes.
                  example: transactions:read merchants:read
      responses:
        '200':
          description: Token issued
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenResponse'
        '400':
          description: Unsupported grant type or invalid scope
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthError'
        '401':
          description: Invalid client credentials
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OAuthError'
      security: []
components:
  schemas:
    TokenResponse:
      type: object
      properties:
        access_token:
          type: string
          example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
        token_type:
          type: string
          example: Bearer
        expires_in:
          type: integer
          example: 3600
        scope:
          type: string
          example: transactions:read merchants:read
    OAuthError:
      type: object
      properties:
        error:
          type: string
          example: invalid_client
        error_description:
          type: string
          nullable: true

````