Get an access token with Oauth2


Start at the beginning by obtaining an access token with Oauth2. With the access token you can perform API requests. Obtaining an access token can be easily done in 2 simple steps. First you will need a grant token, which can then be exchanged for an access token.

Step 1: obtaining a grant code

The first step in obtaining an access token is to obtain a grant code which can eventually be exchanged for an access token. You can obtain a grant code by going to authorize URL of the Oauth2 flow with the correct parameters. Change the parameters in the authorize URL underneath with the correct client_id, a correct redirect URI and the correct scopes. In this case we use http://localhost/ as the redirect URI. And provide a value for the state parameter. This is used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client.,notifications,manage,trade&redirect_uri=http://localhost/

When you visit the authorize endpoint you will be requested to login into Cryptohopper if you haven't already, and afterwards you will be requested to approve the access scopes of the app. When you click on approve you will be redirected back to your redirect URI. In the request to the redirect URI the grant code will be added to request as a GET parameter called: code. Save this code because you will need it in the next step to exchange it for an access token.

Step 2: exchange the grant code for an access token

Now that you have a grant code we can exchange it for an access token by making a json POST request to the token endpoint of the Oauth flow. The API call to the authorize endpoint needs to be a JSON encoded POST request. If you do not have any coding experience you could use a website like Underneath you will find details of the token endpoint. Change the client_id and code parameters in the JSON example.

API endpoint:


	"client_id": "The app key of your application.",
	"client_secret": "The app secret of your application.",
	"grant_type": "authorization_code",
	"redirect_uri": "Your redirect URL",
	"code": "The grant token/code received in the first step."

After a successfull request you will receive a JSON response containing the access_token. Copy and save this access token in a secure location.

JSON response:

	"access_token": "The returned access token.",
	"expires_in": "The number of seconds the access token will be valid.",
	"token_type": "Bearer",
	"scope": "read,manage,trade",
	"refresh_token": "The returned refresh token."

Congratulations! You have now obtained an access token which you can use to make API requests with. For more information about authenticating with Oauth2, please read more on our authentication page.