The client credentials flow is the simplest OAuth 2 grant, with a server-to-server exchange of your application's client_id
, client_secret
for an OAuth application access token. In order to execute this flow, your application will send a POST requests with the Authorization header that contains the word Basic
followed by a space and a base64-encoded string client_id:client_secret
.
Authorization: Basic Base64(client_id:client_secret)
Production: POST https://api.dwolla.com/token
Sandbox: POST https://api-sandbox.dwolla.com/token
Including the Content-Type: application/x-www-form-urlencoded
header, the request is sent to the token endpoint with grant_type=client_credentials
in the body of the request:
Parameter | Required | Type | Description |
---|---|---|---|
client_id | yes | string | Application key. Navigate to https://dashboard.dwolla.com/applications (production) or https://dashboard-sandbox.dwolla.com/applications-legacy (Sandbox) for your application key. |
client_secret | yes | string | Application secret. Navigate to https://dashboard.dwolla.com/applications (production) or https://dashboard-sandbox.dwolla.com/applications-legacy (Sandbox) for your application secret. |
grant_type | yes | string | This must be set to client_credentials . |
Parameter | Description |
---|---|
access_token | A new access token that is used to authenticate against resources that belong to the app itself. |
expires_in | The lifetime of the access token, in seconds. Default is 3600. |
token_type | Always bearer . |
// Using DwollaV2 - https://github.com/Dwolla/dwolla-v2-node
// This example assumes you've already initialized the client. Reference the SDKs page for more information: https://developers.dwolla.com/sdks-tools
client.auth
.client()
.then(function (appToken) {
return appToken.get("/");
})
.then(function (res) {
console.log(JSON.stringify(res.body));
});
{
"access_token": "SF8Vxx6H644lekdVKAAHFnqRCFy8WGqltzitpii6w2MVaZp1Nw",
"token_type": "bearer",
"expires_in": 3600
}
Use sandbox environment to test API requests.
All funds transfers made using the Dwolla Platform are performed by a financial institution partner, and any funds held in a Dwolla Balance are held by a financial institution partner. Learn more about our financial institution partners.