Get access token

fcc finance uses oauth2 authentication implemented through the client credentials flow , a secure, industry‑standard method for system‑to‑system communication oauth2 is an authorization framework that allows applications to obtain limited access to apis without requiring a user to manually log in in the client credentials flow , your application authenticates directly with fcc finance by presenting a client id and client secret , which fcc issues during onboarding this flow is ideal for backend services because it does not involve end‑user interaction—your server requests an access token from our authorization service, and that token is then used to securely call our apis auth server urls environment url production https //api fccfinance com/servicing/oauth/token development https //api fccfinance com/servicing/oauth/token token retrieval before you can make a request to our api's you need to request an access token using the client id and client secret that were provided in the encrypted email the access token will allow you to make secure requests to our api's to request an access token you will make a post /servicing/oauth/token request containing the client id and client secret that were provided for the environment you are using the request will also contain a grant type set to client credentials the following curl request can be used to retrieve a access token from our development environment curl location request post 'https //api fccfinance dev/servicing/oauth/token' \\ \ header 'content type application/x www form urlencoded' \\ \ data urlencode 'client id=\[your id here]' \\ \ data urlencode 'client secret=\[your secret here]' \\ \ data urlencode 'grant type=client credentials'{ "access token" "many characters", "expires in" 86400, "token type" "bearer" } you must use the content type application/x www form urlencoded you cannot use json to request an access token make note that the access token will expire after a certain amount of time passes when the access token expires you will need to request a new access token from the auth server url if you make a request using the expired access token you will recieve a status 401 unauthorized http { "name" "retrieve access token", "method" "post", "url" "https //api fccfinance dev/servicing/oauth/token", "description" "retrieve an access token from the specified environment", "tab" "examples", "examples" { "languages" \[ { "id" "omst7ngpxtqy2qgvn1nwi", "language" "javascript", "code" "const myheaders = new headers();\nmyheaders append(\\"content type\\", \\"application/x www form urlencoded\\");\n\nconst urlencoded = new urlsearchparams();\nurlencoded append(\\"client id\\", \\"\[your id here]\\");\nurlencoded append(\\"client secret\\", \\"\[your secret here]\\");\nurlencoded append(\\"grant type\\", \\"client credentials\\");\n\nconst requestoptions = {\n method \\"post\\",\n headers myheaders,\n body urlencoded,\n redirect \\"follow\\"\n};\n\nfetch(\\"https //api fccfinance dev/servicing/oauth/token\\", requestoptions)\n then((response) => response text())\n then((result) => console log(result))\n catch((error) => console error(error));", "customlabel" "" } ], "selectedlanguageid" "omst7ngpxtqy2qgvn1nwi" }, "results" { "languages" \[ { "id" "lvdmm7cnrg5zjk6wx3cbj", "language" "200", "code" "{\n \\"access token\\" \\"many characters\\",\n \\"expires in\\" 86400,\n \\"token type\\" \\"bearer\\"\n}", "customlabel" "" } ], "selectedlanguageid" "lvdmm7cnrg5zjk6wx3cbj" }, "request" { "pathparameters" \[], "queryparameters" \[], "headerparameters" \[], "bodydataparameters" \[ { "name" "client id", "kind" "required", "type" "string", "description" "the client id used to request the access token you will recieve this in the encrypted email containing your credentials ", "" "required" }, { "name" "client secret", "kind" "required", "type" "string", "description" "the client secret used to request the access token you will recieve this in the encrypted email containing your credentials ", "" "required" }, { "name" "grant type", "kind" "required", "type" "string", "description" "always set to client credentials", "" "always set to client credentials" } ], "formdataparameters" \[] }, "currentnewparameter" { "label" "body parameter", "value" "bodydataparameters" }, "hastryitout" false, "response" \[ { "name" "access token", "kind" "optional", "type" "string", "description" "the access token retieved after authenticating" }, { "name" "expires in", "kind" "optional", "type" "number", "description" "the amount of seconds between when the access token was retrieved and when the access token expires", "children" \[] }, { "name" "token type", "kind" "optional", "type" "string", "description" "will always be set to bearer", "children" \[] } ], "autogeneratedanchorslug" "retrieve access token", "legacyhash" "d8p3o6s7ginfzdw16giop" }