# Example Token Request #### Example Token Request – Generic Token (no `userid`) 1. Using curl (with form-encoded body): ```bash curl -X POST "https://api.AIRisk.example.com/api/oauth2/Token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "client_id=YOUR_client_id&client_secret=YOUR_client_secret&redirect_uri=https%3A%2F%2Flocalhost%2Fcallback&code=AUTH_CODE_HERE" ``` In this example: * Replace `YOUR_client_id` and `YOUR_client_secret` with your actual credentials. * `redirect_uri` is URL-encoded (https%3A%2F%2Flocalhost%2Fcallback corresponds to ). * `AUTH_CODE_HERE` should be replaced with the code you received in the previous step (e.g., SplxlOBeZQQYbYS6WxSbIA). 2. Alternatively, using Python and the `requests` library (sending JSON payload): ```python import requests token_url = "https://api.AIRisk.example.com/api/oauth2/Token" data = { "client_id": "YOUR_client_id", "client_secret": "YOUR_client_secret", "redirect_uri": "https://localhost/callback", "code": "AUTH_CODE_HERE" } response = requests.post(token_url, json=data) token_response = response.json() print(token_response.get("access_token")) ``` Here we post a JSON body with the required fields. The server will respond with a JSON object (as shown below). We then parse the JSON to extract the access\_token. In a real application, you would store this token and use it to authorize API calls via the HTTP Header for a bearer token. **Example Success Response (JSON):** ```json { "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "expiration": "2025-03-31T13:12:17Z" } ``` * `access_token` – The OAuth2 access token string. This is typically a long opaque string or JWT that you will use to authenticate requests to the AIRisk API. * `expiration` – The UTC-formatted datetime in which the token expires. #### Example Token Request – User-Specific Token (with `userid`) If you included a `userid` in the authorization step, use the same `userid` when exchanging the code. For example, suppose we indicated `userid=user_42` in the authorization URL and got back a code. We would make the token request as follows: ```bash curl -X POST "https://api.AIRisk.example.com/api/oauth2/Token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "client_id=YOUR_client_id&client_secret=YOUR_client_secret&redirect_uri=https%3A%2F%2Flocalhost%2Fcallback&code=AUTH_CODE_HERE&userid=user_42" ``` This is identical to the earlier request, except we have appended &`userid=user_42` (using the same user ID that was in the auth request). The response format for a user-specific token is the same JSON structure: ```json { "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "expiration": "2025-03-31T14:10:57Z" } ``` In this case, `access_token` here is associated with User 42’s account. When using this token to call protected endpoints, the AIRisk API will treat the request as on behalf of that user. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.aicrisk.com/api-overview/airisk-api-oauth2-authentication/token-endpoint/example-token-request.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.