> ## Documentation Index
> Fetch the complete documentation index at: https://www.cashfree.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# OAuth Access Token Generation

> Use this API to generate an access token after the user completes the OAuth authentication process. This token is required to access user details once the user provides consent.
<Note> The X Client ID and X Client Secret mentioned in this API are obtained from the [Merchant Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding) when creating the app under 1-Click section.</Note>



## OpenAPI

````yaml post /oauth2/generate-token
openapi: 3.0.0
info:
  license:
    name: Apache 2.0
    url: https://www.apache.org/licenses/LICENSE-2.0.html
  contact:
    email: developers@cashfree.com
    name: API Support
    url: https://discord.com/invite/QdZkNSxXsB
  title: Cashfree Verification API's.
  version: '2023-12-18'
  description: >-
    Cashfree's Verification APIs provide different types of verification to our
    merchants.
servers:
  - description: Sandbox Server
    url: https://sandbox.cashfree.com/verification
  - description: Production Server
    url: https://api.cashfree.com/verification
security: []
tags:
  - name: Aadhaar
    description: Operations related to Aadhaar verification.
  - name: BAV V2
    description: Operations related to Bank account verification v2.
  - name: PAN
    description: Operations related to PAN verification.
  - name: Digilocker
    description: Operations related to Digilocker verification.
  - name: E-sign
    description: Operations related to E-sign verification.
  - name: Reverse Penny Drop
    description: Operations related to Reverse Penny Drop verification.
  - name: UPI Penny Drop
    description: Operations related to UPI Penny Drop verification.
  - name: Mobile Penny Drop
    description: Operations related to Mobile Penny Drop verification.
  - name: IP
    description: Operation related to IP verification.
  - name: UPI
    description: Operations related to UPI verification.
  - name: Passport
    description: Operation related to Passport verification.
  - name: CIN
    description: Operation related to CIN verification.
  - name: Name Match
    description: Operation related to Name Match verification.
  - name: PAN to GSTIN
    description: Operation related to PAN to GSTIN.
  - name: Face Match
    description: Operation related to Face Match verification.
  - name: Voter ID
    description: Operation related to Voter ID verification.
  - name: Reverse Geocoding
    description: Operation related to Reverse Geocoding.
  - name: Vehicle RC
    description: Operation related to Vehicle RC verification.
  - name: Driving License
    description: Operation related to Driving License verification.
  - name: GSTIN
    description: Operation related to GSTIN verification.
  - name: Account Aggregator
    description: Operations related to Account aggregator.
  - name: OTPLess
    description: Operations related to OTPLess Verification.
  - name: 1-Click
    description: Operations related to 1-Click.
  - name: Smart OCR
    description: Operations related to Smart OCR.
  - name: Geocoding
    description: Operations related to Geocoding.
  - name: Udyam
    description: Operation related to Udyam verification.
  - name: PAN to Udyam
    description: Operation related to PAN to Udyam.
paths:
  /oauth2/generate-token:
    post:
      tags:
        - 1-Click
      summary: OAuth Access Token Generation
      description: >-
        Use this API to generate an access token after the user completes the
        OAuth authentication process. This token is required to access user
        details once the user provides consent.

        <Note> The X Client ID and X Client Secret mentioned in this API are
        obtained from the [Merchant
        Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding)
        when creating the app under 1-Click section.</Note>
      operationId: VrsUserVaultAccessTokenGeneration
      parameters:
        - $ref: '#/components/parameters/global_x_api_version'
      requestBody:
        $ref: '#/components/requestBodies/AccessTokenGenerationRequestBody'
      responses:
        '200':
          $ref: '#/components/responses/AccessTokenGenerationResponse'
        '400':
          $ref: '#/components/responses/400AccessTokenGeneration'
        '401':
          $ref: '#/components/responses/Response401'
        '429':
          $ref: '#/components/responses/Response429'
        '500':
          $ref: '#/components/responses/Response500V2'
      security:
        - UVXClientID: []
          UVXClientSecret: []
components:
  parameters:
    global_x_api_version:
      description: API version to be used. Format is in YYYY-MM-DD.
      name: x-api-version
      in: header
      required: true
      schema:
        type: string
        default: '2024-12-01'
        example: '2024-12-01'
      example: '2024-12-01'
  requestBodies:
    AccessTokenGenerationRequestBody:
      description: Find the request parameters to Access Token Generation.
      required: true
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/AccessTokenGenerationRequestSchema'
  responses:
    AccessTokenGenerationResponse:
      description: Access Token Generation Response Body.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/AccessTokenGenerationResponseSchema'
          examples:
            SUCCESS:
              value:
                reference_id: 123456
                verification_id: test_verification_id
                expiry: '2024-12-31T23:59:59Z'
                access_token: access_token_value
    400AccessTokenGeneration:
      description: Validation Errors Initiate OAuth.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            Auth Code Missing:
              value:
                type: validation_error
                code: auth_code_missing
                message: auth_code is missing in the request.
            Invalid Auth Code:
              value:
                type: validation_error
                code: auth_code_value_invalid
                message: auth_code should be valid.
            Client ID in Missing:
              value:
                type: validation_error
                code: x-client-id_missing
                message: x-client-id is missing in the request.
            Client Secret in Missing:
              value:
                type: validation_error
                code: x-client-secret_missing
                message: x-client-secret is missing in the request.
    Response401:
      description: Invalid client ID and client secret combination.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            Invalid client ID and client secret combination:
              value:
                type: authentication_error
                code: authentication_failed
                message: Invalid clientId and clientSecret combination
    Response429:
      description: Rate limit exceed error.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            Rate limit error per operation:
              value:
                type: rate_limit_error
                code: too_many_requests_per_operation
                message: Too many requests for this operation, rate limit reached
            Rate limit error per IP:
              value:
                type: rate_limit_error
                code: too_many_requests_per_ip
                message: Too many requests from the IP, rate limit reached
    Response500V2:
      description: Internal error.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            Internal Server Error:
              value:
                type: internal_error
                code: verification_failed
                message: something went wrong
  schemas:
    AccessTokenGenerationRequestSchema:
      type: object
      required:
        - auth_code
      properties:
        auth_code:
          type: string
          example: auth_code_value
          description: >-
            This is the authcode for generating the access token. The SDK sends
            the callback using the redirect URL provided in the [Merchant
            Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding)
            while creating the app. The authcode will be included in the
            callback sent to the redirect URL.
    AccessTokenGenerationResponseSchema:
      type: object
      properties:
        verification_id:
          type: string
          description: >-
            It displays the unique ID you created to identify the verification
            request in initiate OAuth request.
          example: test_verification_id
        reference_id:
          type: integer
          description: >-
            It displays the unique ID created by Cashfree Payments for reference
            purposes.

            format: `int64`
          example: 123
        expiry:
          type: string
          description: >-
            The expiration date and time for the access token, in UTC format.
            Format - `YYYY-MM-DDTHH:mm:ssZ`.
          example: '2024-12-31T23:59:59Z'
        access_token:
          type: string
          description: >-
            It displays the the access token value. Use this access token to get
            the user details in fetch user details API.
          example: access_token_value
    ErrorResponseSchema:
      type: object
      properties:
        code:
          type: string
          example: x-client-id_missing
        error:
          type: object
          example:
            ref_id: 102
        message:
          type: string
          example: x-client-id is missing in the request.
          description: It displays the outcome of the error.
        type:
          type: string
          example: validation_error
          description: It displays the type of error.
  securitySchemes:
    UVXClientID:
      type: apiKey
      in: header
      name: x-client-id
      description: >-
        Your unique client identifier issued by Cashfree. You can find this in
        your [Merchant
        Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding).
    UVXClientSecret:
      type: apiKey
      in: header
      name: x-client-secret
      description: >-
        The secret key associated with your client ID. Use this to authenticate
        your API requests. You can find this in your [Merchant
        Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding).

````