{ "openapi": "3.0.0", "info": { "title": "OAuth Token API", "description": "This API provides an OAuth 2.0 **Client Credentials** flow to obtain access tokens\nthat are required to call secured endpoints. \nThe token is a JWT (JSON Web Token) with a limited lifetime.\n", "version": "1.0", "contact": { "name": "SQR", "email": "support@sqr.id", "url": "https://sqr.id" } }, "servers": [ { "url": "https://api.sqr-group.com" } ], "tags": [ { "name": "OAuth Token", "description": "— This API allows clients to obtain access tokens using the client credentials flow." } ], "paths": { "/oauth2/token": { "post": { "summary": "Get access token", "description": "Request an access token using the **Client Credentials Grant**. \nThe access token is required for calling all secured APIs.\n", "operationId": "getAccessToken", "tags": [ "OAuth Token" ], "security": [], "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TokenRequestDto" } } } }, "responses": { "200": { "description": "Access token successfully generated.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TokenResponseDto" } } } }, "400": { "description": "Invalid request or missing fields.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TokenErrorDto" } } } }, "401": { "description": "Authentication failed.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TokenErrorDto" } } } }, "5XX": { "description": "Internal error during authentication.", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/InternalErrorDto" } } } } } } } }, "components": { "schemas": { "TokenRequestDto": { "type": "object", "required": [ "client_id", "client_secret", "grant_type" ], "properties": { "client_id": { "type": "string", "description": "The client identifier issued during registration.", "example": "354z244b-2b83-4721-922b-9f9b4ba13059" }, "client_secret": { "type": "string", "description": "The client secret issued during registration.", "example": "secret" }, "grant_type": { "type": "string", "description": "Must be `client_credentials` for this flow.", "example": "client_credentials" } } }, "TokenResponseDto": { "type": "object", "properties": { "access_token": { "type": "string", "description": "The JWT access token issued by the server.", "example": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..." }, "token_type": { "type": "string", "description": "Type of the token issued.", "example": "Bearer" }, "expires_in": { "type": "integer", "description": "Lifetime of the access token in seconds.", "example": 3600 }, "scope": { "type": "string", "description": "Granted scopes.", "example": "read:users write:logs" } }, "required": [ "access_token", "token_type", "expires_in" ] }, "TokenErrorDto": { "type": "object", "properties": { "error": { "type": "string", "description": "Error type identifier.", "example": "invalid_client" }, "error_description": { "type": "string", "description": "Human-readable error explanation.", "example": "Client authentication failed" } }, "required": [ "error", "error_description" ] }, "InternalErrorDto": { "type": "object", "properties": { "code": { "type": "number", "example": 503 }, "timestamp": { "type": "string", "format": "date-time", "example": "2025-07-11T06:51:25.202Z" }, "path": { "type": "string", "example": "/oauth2/token" }, "method": { "type": "string", "example": "POST" }, "error": { "type": "string", "example": "INTERNAL_SERVER_ERROR" }, "message": { "type": "string", "example": "Internal Server Error" } }, "required": [ "code", "timestamp", "path", "method", "error", "message" ] } } } }