Overview
This endpoint is used to exchange an authorization code or refresh token for a new access_token and refresh_token pair. It is a crucial step in authenticating your application with the Hover API using the OAuth 2.0 protocol.
The access_token is a credential that allows your application to securely make requests to the Hover API on behalf of a user. access_tokens have a limited lifespan, so a refresh_token is provided to obtain new access_tokens without requiring the user to re-authenticate.
For more details on how to use this endpoint, please consult our guide on authenticating with Hover's API.
Obtaining an Access Token
This endpoint is for obtaining your initial access token. After successfully obtaining an authorization_code (from the Authorization Code Request step), you will use this endpoint to acquire your initial access_token and refresh_token pair.
Access Tokens are valid for 2 hours from when they are generated. Once expired, your API requests with the existing token will throw an error. You must use your existing refresh token to obtain a new access/refresh token pair.
Sample Request Body
This is a sample request body to obtain API credentials:
{
"grant_type": "authorization_code",
"code": "your_authorization_code_here",
"redirect_uri": "your_redirect_uri_here",
"client_id": "your_client_id_here",
"client_secret": "your_client_secret_here"
}
Sample Response Body
The response body, when successful, will include your access_tokento make subsequent API requests and the refresh_token.
{
"access_token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOnsi",
"token_type": "Bearer",
"expires_in": 7200,
"refresh_token": "q90aLQhunR_JZ1MQ0kivxtAV",
"scope": "all",
"created_at": 1750191095,
"owner_id": 785,
"owner_type": "orgs"
}