POST
/
v2
/
openidc
/
token
cURL
curl --request POST \
  --url https://staging.terminal3.io/v2/openidc/token \
  --header 'Content-Type: application/json' \
  --data '{
  "grant_type": "authorization_code",
  "code": "<string>",
  "client_id": "<string>",
  "client_secret": "<string>",
  "redirect_uri": "<string>"
}'
{
  "scope": "openid",
  "token_type": "Bearer",
  "access_token": "<string>",
  "expire_in": 123,
  "id_token": "<string>"
}

Once users are authorized, the one-time code will be returned to the client, which will then combine it with the client_secret to obtain an access token.

The id_token and access_token

id_token is a JWT token that contains basic information about the user, including:

JSON
{
    "eth_address": "0x1234",
    "login_type": "email",
    "did_wallet_address": "0x1234",
}

access_token is a JWT token used for accessing a particular resource via the API.

TEXT
GET https://api.terminal3.io/v2/openidc/user
Authorization: Bearer <access_token>

Validating access token

To make sure the token is provided by Terminal 3 before proceeding, you can obtain the public keys from Terminal 3 and use them to verify the token.

TypeScript
import * as jose from "jose";

const JWKS = jose.createRemoteJWKSet(new URL("https://static.terminal3.io/jwks.json"))>;

const { payload } = await jose.jwtVerify(access_token, JWKS, {
 issuer: "https://api.terminal3.io",
 audience: "client_id",
});

Body

application/json

Response

200
application/json

Success

The response is of type object.