> ## Documentation Index
> Fetch the complete documentation index at: https://docs-sandbox.sparkle.fyi/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Token

> Get access token from the bank using the client_id and client_secret via Basic Auth



## OpenAPI

````yaml openapi.yaml post /oauth2/token
openapi: 3.0.0
info:
  title: Open API
  version: v1
  contact:
    name: Sparkle
    email: support@sparkle.ng
    url: https://sparkle.ng
  description: >
    The Regulatory Framework for Open Banking in Nigeria established principles
    for data sharing across the banking and payments system to promote
    innovations and broaden the range of financial products and services
    available to bank customers. As a result, open banking recognizes the
    ownership and control of data by customers of financial and non-financial
    services, and their right to grant authorizations to service providers for
    the purpose of accessing innovative financial products and services.


    ## What this document is about

    This is a draft of the API specification standards designed to be used in
    compliance with the Central Bank of Nigeria (CBN) operational guidelines on
    open banking within the Nigerian financial ecosystem.


    ## Scope

    Given the open banking proposition, any organisation that has data of
    customers which may be exchanged with other entities for the purpose of
    providing innovative financial services within Nigeria, is eligible to
    participate in the Open Banking ecosystem.


    ## Authentication

    Authorization to API endpoints is performed using OAuth 2.0 Client
    Credentials flow.


    https://apis.openbanking.ng/#d9bd2beb-bb24-4ac3-95c4-7fc3d4f486c3
servers:
  - url: '{authUrl}'
    variables:
      authUrl:
        default: https://identity-sandbox.sparkle.fyi
        description: Authentication URL
  - url: '{apiUrl}'
    variables:
      apiUrl:
        default: https://api-sandbox.sparkle.fyi/openapi/v1
        description: Base URL for the API
security: []
tags:
  - name: DynamicClientRegistration
    description: Dynamic client registration endpoints
  - name: Consent
    description: Authentication and authorization endpoints
  - name: Meta
    description: Meta information endpoints
  - name: Health
    description: Health check endpoints
  - name: Customers
    description: Customer management endpoints
  - name: Accounts
    description: Account management endpoints
  - name: Transfers
    description: Transaction and transfer related endpoints
  - name: Bill Payments
    description: Bill payment related endpoints
  - name: Disputes
    description: Dispute management endpoints
  - name: Direct Debits
    description: Direct debit management endpoints
  - name: Cards
    description: Card management and transaction endpoints
  - name: Loans
    description: Loan management endpoints
  - name: Savings
    description: Savings management endpoints
paths:
  /oauth2/token:
    post:
      tags:
        - Consent
      summary: Get Token
      description: >-
        Get access token from the bank using the client_id and client_secret via
        Basic Auth
      operationId: getAccessToken
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              required:
                - grant_type
              properties:
                grant_type:
                  type: string
                  enum:
                    - authorization_code
                    - refresh_token
                    - urn:ietf:params:oauth:grant-type:device_code
                  description: The grant type
                  example: authorization_code
                code:
                  type: string
                  description: The authorization code, required for authorization code flow
                  example: 33742103-b60c-4cfd-afca-3673e3f867f4
                device_code:
                  type: string
                  description: The device code, required for device flow
                  example: 33742103-b60c-4cfd-afca-3673e3f867f4
                client_id:
                  type: string
                  description: The client identifier, required for device flow
                  example: '{{CLIENT_ID}}'
                refresh_token:
                  type: string
                  description: The refresh token, required for refresh token flow
                  example: 33742103-b60c-4cfd-afca-3673e3f867f4
                redirect_uri:
                  type: string
                  description: The redirect URI, required for authorization code flow
                  example: https://myloanapp.com/callback
      responses:
        '200':
          description: Token obtained successfully
          content:
            application/json:
              schema:
                type: object
                required:
                  - access_token
                  - token_type
                  - expires_in
                properties:
                  access_token:
                    type: string
                    description: The access token issued by the authorization server
                  token_type:
                    type: string
                    enum:
                      - Bearer
                    description: The type of token issued
                  scope:
                    type: string
                    description: The scope of the token
                    example: openid profile email
                  refresh_token:
                    type: string
                    description: The refresh token issued by the authorization server
                  id_token:
                    type: string
                    description: The ID token issued by the authorization server
                  expires_in:
                    type: integer
                    description: The lifetime in seconds of the access token
                    example: 3600

````