Skip to main content
POST
/
client-tokens
cURL
POST https://api-sandbox.dwolla.com/client-tokens
Accept: application/vnd.dwolla.v1.hal+json
Content-Type: application/json
Authorization: Bearer {{token}}
{
  "action": "customer.update",
    "_links": {
      "customer": {
          "href": "https://api-sandbox.dwolla.com/customers/{{customerId}}"
      }
    }
  }
// Using dwolla-v2 - https://github.com/Dwolla/dwolla-v2-node
var requestBody = {
_links: {
customer: {
href: "https://api-sandbox.dwolla.com/customers/707177c3-bf15-4e7e-b37c-55c3898d9bf4",
},
},
action: "customer.update",
};

dwolla.post("/client-tokens", requestBody).then((res) => res.body.token); // => '4adF858jPeQ9RnojMHdqSD2KwsvmhO7Ti7cI5woOiBGCpH5krY'
# Using dwollav2 - https://github.com/Dwolla/dwolla-v2-python
request_body = {
'_links': {
'customer': {
'href': 'https://api-sandbox.dwolla.com/customers/707177c3-bf15-4e7e-b37c-55c3898d9bf4'
}
},
'action': 'customer.update'
}

client_token = app_token.post('client-tokens', request_body)
client_token.body['token'] # => '4adF858jPeQ9RnojMHdqSD2KwsvmhO7Ti7cI5woOiBGCpH5krY'
<?php
// Using dwollaswagger - https://github.com/Dwolla/dwolla-swagger-php
$request_body = array (
'_links' =>
array (
'customer' =>
array (
'href' => 'https://api-sandbox.dwolla.com/customers/8779a1f7-7a98-4a86-921e-83539f6c895e',
),
),
'action' => 'customer.update'
);
$clientTokensApi = new DwollaSwagger\TokensApi($apiClient);
$clientToken = $clientTokensApi->clientTokens($request_body);
?>
# Using dwolla_v2 - https://github.com/Dwolla/dwolla-v2-ruby
request_body = {
:_links => {
:customer => {
:href => "https://api-sandbox.dwolla.com/customers/707177c3-bf15-4e7e-b37c-55c3898d9bf4"
}
},
:action => "customer.update"
}

client_token = app_token.post "client-tokens", request_body
client_token.token # => "4adF858jPeQ9RnojMHdqSD2KwsvmhO7Ti7cI5woOiBGCpH5krY"
{
  "token": "4adF858jPeQ9RnojMHdqSD2KwsvmhO7Ti7cI5woOiBGCpH5krY"
}
{
"code": "BadRequest",
"message": "The request body contains bad syntax or is incomplete."
}
{
"code": "Forbidden",
"message": "The supplied credentials are not authorized for this resource."
}

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Headers

Accept
enum<string>
default:application/vnd.dwolla.v1.hal+json
required

The media type of the response. Must be application/vnd.dwolla.v1.hal+json

Available options:
application/vnd.dwolla.v1.hal+json

Body

application/json
action
string
required

A granular permission for the Customer performing an action within a drop-in component

Example:

"customer.update"

Response

Client token created successfully

token
string
required

The client token that can be used with drop-in components

Example:

"4adF858jPeQ9RnojMHdqSD2KwsvmhO7Ti7cI5woOiBGCpH5krY"