Request an access token

Issues an OAuth 2.0 access token using the Client Credentials grant flow.

The client authenticates using HTTP Basic authentication — the Authorization header
must contain the Base64-encoded client_id:client_secret pair:

Authorization: Basic Base64(client_id:client_secret)

The request body must be sent as application/x-www-form-urlencoded.

How to use the token

Once issued, include the access_token value in every subsequent API call as a
Bearer token in the Authorization header:

Authorization: Bearer {access_token}

The token is valid for 1 hour, as indicated by expires_in. After expiry,
request a new token using this endpoint.

Form Data
string, enum, required

OAuth 2.0 grant type. Must be client_credentials for machine-to-machine integrations where the client application acts on its own behalf, without a user context.

Allowed:
string, required

Space-separated list of OAuth 2.0 scopes being requested. Use bab_accounts to request access to the BAB Accounts API (account movements and statements). If multiple scopes are needed, separate them with a space, e.g. bab_accounts other_scope.
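The request and token handling described above, as an added Python example (not the API provider's code). It builds the Basic-authenticated form POST and caches the token until shortly before expires_in elapses. Assumptions: TOKEN_URL is a placeholder because the page does not give the endpoint URL, the form field names grant_type and scope are the standard RFC 6749 names, and the helper names (build_token_request, fetch_token, TokenCache) are hypothetical.

```python
import base64
import json
import time
from urllib.parse import urlencode
from urllib.request import Request, urlopen

# Placeholder: the page does not give the endpoint URL.
TOKEN_URL = "https://auth.example.invalid/oauth/token"


def build_token_request(client_id, client_secret, scopes):
    """Build the POST described above without sending it."""
    if ":" in client_id:
        # Basic credentials are split on the first colon, so a colon in
        # the client_id would shift part of it into the secret.
        raise ValueError("client_id must not contain ':'")
    pair = f"{client_id}:{client_secret}".encode("utf-8")
    body = urlencode({
        "grant_type": "client_credentials",  # assumed field name (RFC 6749)
        "scope": " ".join(scopes),           # assumed field name (RFC 6749)
    })
    return Request(TOKEN_URL, data=body.encode("ascii"), method="POST", headers={
        "Authorization": "Basic " + base64.b64encode(pair).decode("ascii"),
        "Content-Type": "application/x-www-form-urlencoded",
    })


def fetch_token(request):
    """Send the request over TLS and return the parsed JSON token response."""
    with urlopen(request, timeout=10) as resp:  # raises HTTPError on 4xx/5xx
        return json.load(resp)


class TokenCache:
    """Reuse one token until shortly before expires_in elapses."""

    def __init__(self, fetch, skew=60, clock=time.monotonic):
        self._fetch, self._skew, self._clock = fetch, skew, clock
        self._token, self._expires_at = None, 0.0

    def bearer_header(self):
        if self._token is None or self._clock() >= self._expires_at:
            resp = self._fetch()
            self._token = resp["access_token"]
            self._expires_at = self._clock() + int(resp["expires_in"]) - self._skew
        return {"Authorization": f"Bearer {self._token}"}
```

Wire the two together with `TokenCache(lambda: fetch_token(build_token_request(cid, secret, ["bab_accounts"])))`, loading the client secret from a secret store or environment variable rather than source code.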

Responses

access_token as a Bearer token in the Authorization header of all subsequent API requests.

Authorization header are invalid, missing or the client is not registered.
