# Create Token

ℹ️ **Create Token (OAuth 2.0 - Client Credentials Grant)**

To interact with our reservation system API, you'll need to authenticate using OAuth 2.0, specifically the **Client Credentials Grant** flow. This method is designed for server-to-server communication without involving a user. Below, you'll find detailed instructions on how to obtain an access token, which you will use in subsequent API calls.

⚙️ **Use the base resource URL** for the following examples, or [see complete collection](https://documenter.getpostman.com/view/50380496/2sB3dK1YWg#2fa66ba7-b915-4459-9e7c-67232d707994)

```
https://api.octotable.com/octotable-auth/api/v2
```

ℹ️ **Authentication Method Overview**

Our API uses OAuth 2.0 to ensure secure access to protected resources. In this flow:

1. **Client Identification**: Your application authenticates using a unique Client ID and Client Secret provided during registration.
2. **Requesting an Access Token**: The client sends a POST request to our authorization server to obtain an access token. The type of the provided token is "Bearer".
3. **API Access**: The access token must be included in the header of each subsequent API request to authenticate and authorize access to the system's protected resources.

<mark style="color:blue;">**Step 1:**</mark> Request an Access Token  (or use your favorite programming language [see more](https://documenter.getpostman.com/view/50380496/2sB3dK1YWg#2fa66ba7-b915-4459-9e7c-67232d707994))

## Create a new token

<mark style="color:yellow;">**`POST`**</mark> `/oauth2/token`

Generate new access token

**Headers**

| Name           | Value            |
| -------------- | ---------------- |
| `Content-Type` | application/json |
| `Accept`       | application/json |

**Body**

| Name            | Value                   | Description                                         |
| --------------- | ----------------------- | --------------------------------------------------- |
| `grant_type`    | client\_credentials     | The credential type to exchange for an access token |
| `client_id`     | \<your\_client\_id>     | The client id provided after registration           |
| `client_secret` | \<your\_client\_secret> | The client secret provided after registration       |

**Example**

{% tabs %}
{% tab title="Request" %}

```json
curl --location "https://api.octotable.com/octotable-auth/api/v2/oauth2/token" \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "client_id=your_client" \
--data-urlencode "client_secret=***"
```

{% endtab %}

{% tab title="Response" %}

```json
{
    "access_token": "YOUR_ACCESS_TOKEN",
    "expires_in": 1440,
    "type": "Bearer"
}
```

{% endtab %}
{% endtabs %}

<mark style="color:blue;">**Step 2:**</mark> Include it in the Authorization header of all your subsequent API requests (see complete examples in collection Postman)

```bash
curl -X GET https://api.octotable.com/api/v2/ -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://octotable-1.gitbook.io/octotable-api/authentication/quickstart.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.