> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ripio.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Acquire Access Token

> Every call to the API has to be authenticated with an OAuth2 Token. In order to request this token, you will need to have sandbox or production API Keys (`client_id` and `client_secret`) that will allow to negotiate an ephemeral access token.

To generate the access token, you should call this endpoint providing the header `Authorization` with the following schema: `Basic CREDENTIAL` where `CREDENTIAL` should be specified as a string with the format`client_id:client_secret` encoded in Base64.

<Note>Credentials must be requested in order to generate an Authentication token needed to use the Ramp API. Contact Ripio support to request the partner's registration and obtain `client_id` and `client_secret`, which univocally identify you as a Ripio customer. It is the partner's responsibility to secure these credentials.</Note>


## OpenAPI

````yaml ramps-api/openapi.json POST /oauth2/token/
openapi: 3.1.0
info:
  title: Ripio Ramp API
  version: v1
  description: >-
    API for Ripio ramp services, enabling partners to integrate On-Ramp,
    Off-Ramp, customer management, KYC processes, and other financial
    functionalities. This API is RESTful, uses JSON for requests and responses,
    and standard HTTP status codes. This document is based on the
    'onramp-api.pdf' provided and aims to be compliant with OpenAPI
    Specification v3.1.0. The PDF indicates that the API documentation is a
    draft and subject to change.
servers:
  - url: https://skala-sandbox.ripio.com
    description: Sandbox environment
  - url: https://skala.ripio.com
    description: Production environment
security:
  - BearerToken: []
tags:
  - name: Authentication
    description: Operations related to API authentication and authorization.
  - name: Customers
    description: Operations related to customer management.
  - name: KYC
    description: Operations related to Know Your Customer processes.
  - name: Fiat Accounts
    description: Operations related to managing fiat accounts and their requirements.
  - name: Quotes
    description: Operations related to obtaining and managing conversion quotes.
  - name: On-Ramp
    description: Operations related to fiat-to-crypto (on-ramp) processes.
  - name: Off-Ramp
    description: Operations related to crypto-to-fiat (off-ramp) processes.
  - name: Transactions
    description: Operations related to listing and managing all transaction types.
  - name: Networks
    description: >-
      Operations related to retrieving available deposit and withdrawal
      networks.
  - name: Rates
    description: Operations related to retrieving market rates.
  - name: Sandbox
    description: Operations specific to the sandbox environment for testing purposes.
  - name: Webhooks
    description: Webhook event notifications from Ripio Ramp API.
  - name: Sell and Pay
    description: >-
      Endpoints for managing Sell and Pay transactions, which allow customers to
      convert cryptocurrency to fiat currency and pay merchants via QR codes
paths:
  /oauth2/token/:
    post:
      tags:
        - Authentication
      summary: Acquire Access Token
      description: >-
        Every call to the API has to be authenticated with an OAuth2 Token. In
        order to request this token, you will need to have sandbox or production
        API Keys (`client_id` and `client_secret`) that will allow to negotiate
        an ephemeral access token.


        To generate the access token, you should call this endpoint providing
        the header `Authorization` with the following schema: `Basic CREDENTIAL`
        where `CREDENTIAL` should be specified as a string with the
        format`client_id:client_secret` encoded in Base64.
      operationId: acquireAccessToken
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              properties:
                grant_type:
                  type: string
                  description: Must be 'client_credentials'
                  enum:
                    - client_credentials
              required:
                - grant_type
      responses:
        '200':
          description: Access token granted successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AccessTokenResponse'
        '400':
          description: >-
            Bad Request - e.g., missing grant_type or invalid credentials
            format.
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
              example:
                error: unsupported_grant_type
        '401':
          description: Unauthorized - Invalid client credentials.
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
              example:
                error: invalid_client
      security:
        - BasicAuth: []
components:
  schemas:
    AccessTokenResponse:
      type: object
      properties:
        accessToken:
          type: string
          description: The access token to be used for subsequent API calls.
          example: UfpqHJaQEjV27rR6itJyhUz5x6eOxz
        expiresIn:
          type: integer
          description: The expiration time for the access token in seconds.
          example: 36000
        tokenType:
          type: string
          description: The type of token issued (always "Bearer" for this flow).
          example: Bearer
        scope:
          type: string
          description: The scope of access granted by the token.
          example: read write
      required:
        - accessToken
        - expiresIn
        - tokenType
  securitySchemes:
    BearerToken:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: >-
        Access token obtained via
        [/oauth2/token/](/ramps-api/authentication/acquire-access-token). Use as
        `Authorization: Bearer <access_token>`.
    BasicAuth:
      type: http
      scheme: basic
      description: Use Basic Auth with base64 encoded `client_id:client_secret`.

````