> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mangopay.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create OAuth bearer token

> Generate an OAuth bearer token to authenticate your API calls

This endpoint allows your to generate a bearer token to authenticate subsequent API calls. There are two scenarios, one of which is handled for you if using the server-side SDKs.

Firstly, this endpoint can be used to generates a bearer token to authenticate **all calls to the Mangopay API** as part of [OAuth 2.0 authentication](/api-reference/overview/authentication). The [server-side SDKs](/api-reference/overview/authentication#sdk-authentication) handle this first authentication scenario for you by generating and refreshing the token before expiry.

Secondly, you can use a specific API key with this endpoint to generate a bearer token that subsequently allows you to generate another access token to initialize a Mangopay embedded experience. Once you have the bearer token, you can call one of two endpoints to obtain an access token:

* [POST Create an access token for the Recipients embedded experience](/api-reference/overview/authentication/create-access-token-recipient) to obtain a token to run the Recipients frontend experience using Mangopay Elements
* [POST Create an access token for Checkout SDK](/api-reference/overview/authentication/create-access-token-checkout) to obtain a token to initialize Checkout SDK with PayPal One-Click

<Note>
  **Note – Access tokens for embedded experiences require specific API key**

  Before calling this endpoint to obtain an access token for embedded experiences (second scenario above), you must obtain a dedicated API key. To do so, contact Mangopay <a href="https://hub.mangopay.com/" target="_blank">via the Dashboard</a>.

  Once you have the dedicated API key, encode it in the usual way by using Base64 to encode your Client ID and dedicated API key separated by a colon (`ClientId`:`ApiKey`). For more information, read the [OAuth 2.0 authentication guide](/api-reference/overview/authentication#oauth-2-0-authentication).
</Note>

### Responses

<Accordion title="200 response parameters">
  <ResponseField name="access_token" type="string">
    The access token to use in the Authorization header of your subsequent API call.
  </ResponseField>

  <ResponseField name="token_type" type="string">
    The type of the token (always Bearer).
  </ResponseField>

  <ResponseField name="expires_in" type="integer">
    The number of seconds until the token expires.
  </ResponseField>
</Accordion>

<RequestExample>
  ```bash theme={null}
  curl -X POST 'https://api.sandbox.mangopay.com/v2.01/oauth/token' \
      -H 'Content-Type: application/x-www-form-urlencoded' \
      -H 'Authorization: Basic {EncodedString}' \
      -d 'grant_type=client_credentials'
  ```
</RequestExample>

<ResponseExample>
  ```json theme={null}
  {
      "access_token": "ab08691f2ef34733a8451ed3742d4204",
      "token_type": "Bearer",
      "expires_in": 3600
  }
  ```
</ResponseExample>