This is a really important message about something. It could be about anything we deem important enough to tell everyone. It might have links to places, but shouldn't have any images or non-text content. Messages shouldn't be longer than two lines on normal sized layouts.
Genesys Cloud Developer CenterGenesys Cloud Developer Center
Browser storage is disabled

Your theme selection will not be remembered when you refresh the page. Please enable browser storage in the Account Switcher above to allow this setting to be remembered.

Topics
Analytics & Data Management
Authorization
Overview
Auth API Resources
Platform API Client Authorization
Overview Additional Authorization Parameters
Authorization Guides
Digging Deeper Enable CORS Fine-Grained Access Control Grant - Authorization Code Grant - Client Credentials Grant - Implicit Grant - OAuth2 SAML2 Bearer Grant - Proof Key for Code Exchange (PKCE) How to Use Base 64 Encoding OAuth Redirect Error Codes OAuth Scopes Quick Reference
Billing
Communication & Digital Channels
GDPR & Privacy
Notifications & Alerts
Organization
Platform
Routing & Conversation Handling
Telephony
User & Agent Management
Resources
Announcements
AppFoundry
Genesys for Builders - Amazon Web Services Developer Blog Blueprints Changelog
Developer Applications
Developer Guides Videos
Home
|Authorization
|Platform API Client Authorization
Removed from toolbox

Grant - Client Credentials

The following is an overview of OAuth 2 authentication with a client credentials grant. For more information on roles and divisions, see Fine-Grained Access Control

The client credentials grant is useful in headless applications that do not have a UI for a user to be able to authenticate, but need to make authenticated API requests. When using the client credentials grant, resources like /api/v2/users/me will not be available because the auth token is not in the context of a user. Since there is no actual user to obtain permissions from, client credentials OAuth clients must be configured with a set of role-division pairs from which to obtain the necessary API access. These role-division pairs are limited to a necessary subset of the ones that the user creating the client id has access.

Overview of the Client Credentails Grant flow

Obtain an Access Token

Follow these steps to obtain an access token using the client credentials method. For a more concise rundown, see Quick Reference.

Get the OAuth Client Information

Navigate to the OAuth admin page (Admin > Integrations > OAuth). The Client ID for each configured OAuth client will be shown in the list. Editing the OAuth client will additionally display the grant type, client secret, and the redirect URIs. Take note of these values as they will be used in the following steps. For help creating a new OAuth client, see Create an OAuth Client.

Get Access Token

Make a POST request to the authorization service to get an access token. The request must contain the client ID and client secret in the base 64 encoded Authorization header. For help creating the Authorization header, see How to Use Base 64 Encoding.

Copied
POST /oauth/token HTTP/1.1
Host: login.mypurecloud.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic BASE64(<client_id>:<client_secret>)

grant_type=client_credentials

The authorization service returns a JSON response with the token, token type, token expiry time in seconds, and an error string if an error occurred.

Copied
{
  "access_token": "token",
  "token_type": "bearer",
  "expires_in": 86400,
  "error": "optional-error-message"
}

Use the access token

Follow these guidelines for using access tokens:

  • After authenticating, include a token with every API request.
  • Pass the token using the HTTP Authorization header with the bearer keyword, as follows:
Copied
GET /api/v2/users HTTP/1.1
Host: api.mypurecloud.com
Content-Type: application/json
Authorization: Bearer token

Example

For a walkthrough of the client credentials grant, see the OAuth Client Credentials Login Flow guide.

Genesys Cloud resourcesBeyond TrainingCommunity ForumKnowledge NetworkResource CenterStatus
App FoundryOverviewAvailable AppsContributeStyle Guide
Connect with usGithubTwitterDeveloper ForumDeveloper BlogGenesys BlogDevCast Newsletter
Copyright © 2025 Genesys. All rights reserved.
Terms of Use | Privacy Policy
On this page

Privacy Settings

This site uses cookies and related technologies, as described in our privacy policy, for purposes that may include site operation, analytics, enhanced user experience, or advertising. You may choose to consent to our use of these technologies, or manage your own preferences. Learn more here