/oauth/token

Token — exchange code (+PKCE verifier) for an access token, or refresh

OAuth 2.1 token endpoint (public client, `token_endpoint_auth_method: none`). `grant_type=authorization_code` exchanges a one-time code + `code_verifier` for `{ access_token (RS256 JWT), token_type: Bearer, expires_in, refresh_token, scope }`. `grant_type=refresh_token` rotates the refresh token (reuse of a rotated token revokes the whole family).

free

Parameters

Name	In	Required	Default	Allowed	Description	Example
grant_type	body	required	—	—	`authorization_code` or `refresh_token`.	authorization_code
code	body	optional	—	—	Authorization code (authorization_code grant).	<one-time code>
code_verifier	body	optional	—	—	PKCE verifier (authorization_code grant).	<pkce verifier>
redirect_uri	body	optional	—	—	Must match the authorize request.	http://127.0.0.1:51000/callback
refresh_token	body	optional	—	—	Refresh token (refresh_token grant).	<refresh token>
client_id	body	required	—	—	Client id.	cursor

Response schema

Schema not yet documented

Full response schema, sample response, and curated examples for this endpoint are landing in Phase 59. The hero, parameters, code samples, and metadata above remain accurate today.

Errors

Status	Label	Description
200	OK	Request succeeded.
400	Bad Request	Invalid query, body, or path parameter.
401	Unauthorized	Missing or invalid Authorization header / api_Token.
402	Payment Required	Insufficient token balance for this call. Top up
429	Too Many Requests	Rate limit exceeded for your tier (see /pricing for tier limits). Tier limits
500	Server Error	Unexpected server-side failure. Retry with backoff; report if persistent.

Code samples

Reveal credentials

curl -X POST "https://api.finradar.ai/oauth/token" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Generate an API key in /account/credentials to run live queries (literal YOUR_API_KEY placeholder shown until then).