Docs

Select Language

Select Product

Select Category

Home

API Reference

API Fundamentals
SDK Support
Drop-in Components
Authorization
Overview Application authorization
Root
Accounts
Customers
Knowledge-based Authentication (KBA)
Beneficial Owners
Documents
Exchanges
Open Banking
Funding Sources
Transfers
Labels
Mass payments
Events
Webhook subscriptions
Webhooks

Get API Keys

Application authorization #

The client credentials flow is the simplest OAuth 2 grant, with a server-to-server exchange of your application's client_id, client_secret for an OAuth application access token. In order to execute this flow, your application will send a POST requests with the Authorization header that contains the word Basic followed by a space and a base64-encoded string client_id:client_secret.

Authorization: Basic Base64(client_id:client_secret)

HTTP request #

Production: POST https://api.dwolla.com/token

Sandbox: POST https://api-sandbox.dwolla.com/token

Including the Content-Type: application/x-www-form-urlencoded header, the request is sent to the token endpoint with grant_type=client_credentials in the body of the request:

Request parameters #

Parameter	Required	Type	Description
client_id	yes	string	Application key. Navigate to `https://dashboard.dwolla.com/applications` (production) or `https://dashboard-sandbox.dwolla.com/applications-legacy` (Sandbox) for your application key.
client_secret	yes	string	Application secret. Navigate to `https://dashboard.dwolla.com/applications` (production) or `https://dashboard-sandbox.dwolla.com/applications-legacy` (Sandbox) for your application secret.
grant_type	yes	string	This must be set to `client_credentials`.

Response parameters

Parameter	Description
access_token	A new access token that is used to authenticate against resources that belong to the app itself.
expires_in	The lifetime of the access token, in seconds. Default is 3600.
token_type	Always `bearer`.

Request

Raw

POST https://api-sandbox.dwolla.com/token
Authorization: Basic YkVEMGJMaEFhb0pDamplbmFPVjNwMDZSeE9Eb2pyOUNFUzN1dldXcXUyeE9RYk9GeUE6WEZ0bmJIbXR3dXEwNVI1Yk91WmVOWHlqcW9RelNSc21zUU5qelFOZUFZUlRIbmhHRGw=
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials

Successful response

bash

{
  "access_token": "SF8Vxx6H644lekdVKAAHFnqRCFy8WGqltzitpii6w2MVaZp1Nw",
  "token_type": "bearer",
  "expires_in": 3600
}

Overview

Test in the Sandbox for free today.

Use sandbox environment to test API requests.

Get API Keys

Dwolla

Product

Developers

Financial institutions play an important role in our network.

All funds transfers made using the Dwolla Platform are performed by a financial institution partner, and any funds held in a Dwolla Balance are held by a financial institution partner. Learn more about our financial institution partners.