Get Access Token

Authenticates user credentials and returns access and refresh tokens for API access.

OAuth 2.0 Password Grant

This endpoint implements the OAuth 2.0 password grant flow for initial user authentication.

Required parameters:

grant_type: password

username: User email address

password: User password

client_id: OAuth client identifier

client_secret: OAuth client secret

Authentication Process:

Validates client credentials against configured OAuth clients

Authenticates user email and password against the database

Retrieves user permissions, campaigns, and organization data

Creates session in Redis with user profile and permissions

Generates access token (UUID, 1 hour TTL) and refresh token (UUID, 30 days TTL)

Returns both tokens in the response

Response Tokens

The response includes two tokens:

access_token: Use for API authentication (valid for 1 hour)

refresh_token: Long-lived token returned for future use (valid for 30 days)

Token Usage

Include the access token in all API requests:

Authorization: Bearer 946e347b-48ce-41d1-aae6-756ddc552d18

Rate Limiting

This endpoint is rate-limited to 10 requests per minute per IP to prevent brute-force attacks.

curl --location --request POST 'https://apicfa.convirza.com/oauth/token' \ --data-urlencode 'grant_type=password' \ --data-urlencode 'username=user@convirza.com' \ --data-urlencode 'password=mySecurePassword123' \ --data-urlencode 'client_id=system' \ --data-urlencode 'client_secret=f558ba166258089b2ef322c340554c'

{ "access_token": "946e347b-48ce-41d1-aae6-756ddc552d18", "refresh_token": "e46d437e-346b-4de4-a2a3-5f4b610cdfe1", "expires_in": 3600, "status": "success", "token_type": "Bearer" }

OAuth 2.0 Password Grant

Response Tokens

Token Usage

Rate Limiting

Request

Responses

Get Access Token

OAuth 2.0 Password Grant#

Response Tokens#

Token Usage#

Rate Limiting#

Request

Responses

OAuth 2.0 Password Grant

Response Tokens

Token Usage

Rate Limiting