POST
/
access
/
token
/
exchange
curl --request POST \
  --url https://authservice.withbenji.com/access/token/exchange \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "exchange_token": "<string>"
}'
{
    "code": "ok",
    "data": {
        "user_id": 1,
        "merchant_id": 1,
        "token_data": {
            "access_token": "0c371a1c-aa81-11ef-b28c-0a58a9feac02",
            "refresh_token": "05tghegts-aa81-sgte-hgte-u8nhgbvgtio",
            "access_token_expires_at": "Tue, 22 Oct 2024 21:57:02 GMT"
        }
    }
}
The Bearer token to be used on this API is your partner access token
exchange_token
string
required

The token received from the onSuccess callback method specified as part of the sdk initialization flow

Return values

user_id
integer
required

The Benji Platform ID associated with the user.

merchant_id
integer
required

Your system ID as specified on the Benji Platform

token_data
object
required

An object representing the access_token, refresh_token to use when using the Benji Platform APIs as well as the access token expiry date. Once an access token expires, you can use the refresh tpken to obtain a new access token silently without requiring the user to authenticate again.

{
    "code": "ok",
    "data": {
        "user_id": 1,
        "merchant_id": 1,
        "token_data": {
            "access_token": "0c371a1c-aa81-11ef-b28c-0a58a9feac02",
            "refresh_token": "05tghegts-aa81-sgte-hgte-u8nhgbvgtio",
            "access_token_expires_at": "Tue, 22 Oct 2024 21:57:02 GMT"
        }
    }
}
Access token are typically valid for 90 days. You can refresh an access token either before it expires proactively, or after calling an API and getting an expired_token 401 status code
Make sure to exchange the token returned by the Connect SDK promptly following a succesfull user connect flow. The exchange token is valid for 15 minutes after the succesfull callback flow