OAuth API

You will get the authorization code after you allow access to the application. It must be exchanged for an access token which is required to invoke the Payment Gateway and Payouts APIs.

Exchange Authorization Code for Access Token

Request URL
https://api.cashfree.com/partners/login/access_token

Request Method - POST

Query Parameters - N/A

Request Payload Sample


		{
               "grant_type": "authorization_code",
               "code": "vCoE6r5qthLPr6lA3VAF1G1VwjrI0sbX",
               "client_id": "6yx7i7YClzzCTdGixktEaAUcNYxFzKXf",
               "client_secret": "Gy8KtPNUr4dt489Aws38481PlK6wTAwE"
             }

Payload Details

  • grant_type - will always be authorization_code
  • code - the authorization code which was sent as a query parameter in the redirection
  • client_id - the client id which was returned in the response of the create partner application request in the partner dashboard
  • client_secret - the client secret which was returned in the response of the create partner application request in the partner dashboard.

Token Expiry

All authorization codes and access tokens expire after a fixed period of time. If an expired access_token is used, the API will respond with an HTTP 401 status. Refresh tokens can be exchanged for a new access_token and refresh_token.