Skip to main content
POST
/
oauth
/
token
Create Auth Token to Initialise the SDK
curl --request POST \
  --url https://sandbox.cashfree.com/verification/oauth/token \
  --header 'Content-Type: application/json' \
  --header 'x-api-version: <x-api-version>' \
  --header 'x-client-id: <api-key>' \
  --header 'x-client-secret: <api-key>' \
  --data '{
  "app_id": "<string>",
  "product": "VKYC",
  "metadata": {
    "vkyc_request_id": 249749
  },
  "authenticated_user": {
    "identifier_type": "mobile",
    "identifier_value": 9909490494
  }
}'
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "expires_at": "2024-02-02 17:30:00 IST"
}

Authorizations

x-client-id
string
header
required

Your unique client identifier issued by Cashfree. You can find this in your Merchant Dashboard.

x-client-secret
string
header
required

The secret key associated with your client ID. Use this to authenticate your API requests. You can find this in your Merchant Dashboard.

Headers

x-cf-signature
string

Send the signature if IP is not whitelisted.

x-api-version
string
required

API version to be used. Format is in YYYY-MM-DD.

Body

application/json

Request payload for create auth token to initialise the SDK.

app_id
string

The OAuth App ID generated in the Merchant Dashboard for the specific product.

Example:

"<string>"

product
string

The product for which the authentication token is generated.

Example:

"VKYC"

metadata
object

The metadata associated with the authentication token.

authenticated_user
object

The identifier of the authenticated user.

Response

Success response for generating an authentication token required to initialize the SDK.

expiry
string

The expiration date and time for the access token.

Example:

"2025-05-05T18:01:05+05:30"

access_token
string

It displays the the access token value.

Example:

"mH5tVmtwod4J9GhCXwTuygd2zRZn4pj5"