Generate Authorization Token
This API generates an Authorization Token required to authenticate all standard checkout API requests.
The token must be obtained before initiating any checkout-related operations such as creating a payment request, checking payment status, or processing refunds. It should be included in the Authorization header for all subsequent API calls.
Environment
| Environment | HTTP Method | API |
| Sandbox | POST | https://api-preprod.phonepe.com/apis/pg-sandbox/v1/oauth/token |
| Production | POST | https://api.phonepe.com/apis/identity-manager/v1/oauth/token |
Request
Request Header
| Header Name | Header Value |
| Content-Type | application/x-www-form-urlencoded |
Request Parameters
| Parameter Name | Parameter Value |
client_id | Client ID shared by PhonePe PG |
client_version | Client Version shared by PhonePe PG |
client_secret | Client secret shared by PhonePe PG |
grant_type | Value set to “client_credentials“ |
Try it yourself!
body params
Response
Sample Response
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHBpcmVzT24iOjE3MjA2MzUzMjE5OTYsIm1lcmNoYW50SWQiOiJWUlVBVCJ9.4YjYHI6Gy6gzOisD_628wfbaI46dMSc5T_0gZ2-SAJo",
"encrypted_access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHBpcmVzT24iOjE3MjA2MzUzMjE5OTYsIm1lcmNoYW50SWQiOiJWUlVBVCJ9.4YjYHI6Gy6gzOisD_628wfbaI46dMSc5T_0gZ2-SAJo",
"expires_in": null,
"issued_at": 1706073005,
"expires_at": 1706697605,
"session_expires_at": 1706697605,
"token_type": "O-Bearer"
}Response Parameters
| Parameter Name | Data Type | Description |
access_token | String | The token generated by PhonePe. This token is valid for a specific time, which can be determined using the expires_at field. Once expired, the token must be refreshed using the same API. |
issued_at | DateTime | The timestamp in epoch (in seconds) when the token was generated |
expires_at | DateTime | Token expiry timestamp in epoch |
token_type | String | The type of token, which will be O-Bearer. |
Access Token Guidelines!
- You should depend on the following key response parameters:
- access_token: This is the token that must be included in API calls with PhonePe for authentication.
- expires_at: This indicates the token’s validity (in seconds). You must ensure that the token is refreshed before it expires. If it expires, you will have to send the request again.
- The auth_token is required for all subsequent API calls. Use the above access token to initiate the payment process.
