> ## Documentation Index > Fetch the complete documentation index at: https://developers.dwolla.com/llms.txt > Use this file to discover all available pages before exploring further. # Create an application access token > Generate an application access token using OAuth 2.0 client credentials flow for server-to-server authentication. Requires client ID and secret sent via Basic authentication header with grant_type=client_credentials in the request body. Returns a bearer access token with expiration time for authenticating API requests scoped to your application. Essential for secure API access. ## OpenAPI ````yaml post /token openapi: 3.1.0 info: title: Dwolla API description: Dwolla API Documentation contact: name: Dwolla Developer Relations Team url: https://developers.dwolla.com email: api@dwolla.com version: '2.0' termsOfService: https://www.dwolla.com/legal/tos/ license: name: MIT url: https://github.com/Dwolla/dwolla-openapi/blob/master/LICENSE servers: - url: https://api.dwolla.com description: Production server - url: https://api-sandbox.dwolla.com description: Sandbox server security: - clientCredentials: [] tags: - name: tokens description: Operations related to Application Access Tokens - name: root description: Root API operations - name: accounts description: Operations related to Accounts - name: customers description: Operations related to Customers - name: kba description: Operations related to Knowledge-Based Authentication - name: beneficial owners description: Operations related to Beneficial Owners - name: documents description: Operations related to Documents - name: exchanges description: Operations related to Exchanges - name: exchange sessions description: Operations related to Exchange Sessions - name: funding sources description: Operations related to Funding Sources - name: transfers description: Operations related to Transfers - name: labels description: Operations related to Labels - name: mass payments description: Operations related to Mass Payments - name: events description: Operations related to Events - name: webhook subscriptions description: Operations related to Webhook Subscriptions - name: webhooks description: Operations related to Webhooks - name: client tokens description: Operations related to Client Tokens - name: sandbox simulations description: Sandbox-only operations for simulating processing of bank transfers paths: /token: post: tags: - tokens summary: Create an application access token description: >- Generate an application access token using OAuth 2.0 client credentials flow for server-to-server authentication. Requires client ID and secret sent via Basic authentication header with grant_type=client_credentials in the request body. Returns a bearer access token with expiration time for authenticating API requests scoped to your application. Essential for secure API access. operationId: createApplicationAccessToken requestBody: required: true description: >- OAuth get token request. Client credentials are sent in the Authorization header using Basic authentication. content: application/x-www-form-urlencoded: schema: type: object required: - grant_type properties: grant_type: type: string enum: - client_credentials description: Must be set to "client_credentials" example: client_credentials responses: '200': description: successful operation headers: {} content: application/json: schema: type: object required: - access_token - token_type - expires_in properties: access_token: type: string description: >- A new access token that is used to authenticate against resources that belong to the app itself. example: gTm0p62yYXFiB1rOdhV0TsNOinC2V2P1CMaAtojkO9JEGbv3i5 token_type: type: string description: The type of token, always "Bearer" example: Bearer expires_in: type: integer description: >- The lifetime of the access token, in seconds. Default is 3600. example: 3599 '401': description: Unauthorized headers: {} content: application/json: schema: type: object properties: error: type: string example: invalid_client security: - basicAuth: [] x-codeSamples: - lang: bash source: > POST https://api-sandbox.dwolla.com/token Authorization: Basic YkVEMGJMaEFhb0pDamplbmFPVjNwMDZSeE9Eb2pyOUNFUzN1dldXcXUyeE9RYk9GeUE6WEZ0bmJIbXR3dXEwNVI1Yk91WmVOWHlqcW9RelNSc21zUU5qelFOZUFZUlRIbmhHRGw= Content-Type: application/x-www-form-urlencoded grant_type=client_credentials - lang: javascript source: > // Using DwollaV2 - https://github.com/Dwolla/dwolla-v2-node // This example assumes you've already initialized the client. Reference the SDKs page for more information: https://developers.dwolla.com/sdks-tools client.auth .client() .then(function (appToken) { return appToken.get("/"); }) .then(function (res) { console.log(JSON.stringify(res.body)); }); - lang: python source: > # Using dwollav2 - https://github.com/Dwolla/dwolla-v2-python // This example assumes you've already initialized the client. Reference the SDKs page for more information: https://developers.dwolla.com/sdks-tools app_token = client.Auth.client() - lang: php source: > token(); DwollaSwagger\Configuration::$access_token = $appToken->access_token; ?> - lang: ruby source: > # Using DwollaV2 - https://github.com/Dwolla/dwolla-v2-ruby // This example assumes you've already initialized the client. Reference the SDKs page for more information: https://developers.dwolla.com/sdks-tools app_token = $dwolla.auths.client # => # access_token="..." expires_in=3600 scope="..."> components: securitySchemes: clientCredentials: type: oauth2 flows: clientCredentials: tokenUrl: /token x-speakeasy-token-endpoint-authentication: client_secret_basic scopes: {} ````