#Access Token

You can identify yourself via standard login credentials and receive a token.

We use an OAuth2 JWT token, containing the user’s aid and uid too and an expiration. The Access Token has a short lifespan, currently 1 hour, so we include a Refresh Token that can be used to renew the expired Access Token.

The Refresh Token is valid for longer, currently 1 month.

Don’t forget to save and submit the token with your following requests.

This endpoint is only available from API v2

#To obtain an Access Token via Password:

POST https://api.corvusgps.com/v2/access-token/

Include the following in the request’s body:

{
    "grant_type": "password",
    "scope": "all",
    "client_id": "aVeryLongAndSecretId",
    "username": "theUsersEmailAddress",
    "password": "yesThePassword"
}

#To obtain an Access Token via a Refresh Token

GET https://api.corvusgps.com/v2/access-token/

Include the following in the request’s body:

{
    "grant_type": "refresh_token",
    "scope": "all",
    "client_id": "aVeryLongAndSecretId",
    "refresh_token": "refreshToken"
}

The reply will be similar to the following:
{
    "token_type": "Bearer",
    "expires_in": "", //integer TTL
    "access_token": "", //JWT key signed with the server's private key
    "refresh_token": "" //encoded key to request a new Access Token
}

Access Token example:
Header:
```json
{
   "typ": "JWT",
   "alg": "HS256"
}

Payload:

{
    "aud": "4VRTctbGUC5JuuuCsJinoyNNOgRWyGH8gUutRFEBdAQ2PFdwQ5uKlaJirjh0KaG1k1PB4",
    "jti": "ba8ebc08e10207374b022144d9776207fc4faa940a2040f38459cc66021f62bd95c61",
    "iat": 1599944266,
    "nbf": 1599944266,
    "exp": 1599999893,
    "sub": "45:10",
    "scopes":
        [
            "all"
        ]
}