Get Client Token API

The Get Client Token API is used to create the token from the Hub with the scope (refer_child_merchant).



Base URL: {{base_url}}/oauth/token

Request parameters



  • Caller client service should be registered on Hub (PayU’s oAuth2 Service )
  • refer_child_merchant scope should be whitelisted on caller client on Hub
  • Get Aggregator flag enabled on parent merchant
client_idThe unique client identifier for the client.
client_secretThe client secret code is passed in this parameter.
grant_typeThe client credentials is posted in this parameter.
scopeThe scope is posted in this parameter. The scope can be any of the following:
- refer_child_merchant: Use this scope when you want to refer and create a child merchant
- fetch_child_merchants: Use this scope when you want to fetch the child merchants under a merchant

Note: Use this API with the scope as refer_child_merchant to create client token from Hub.

Sample request

curl --location -g --request POST '{{hub_base_url}}/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id={{client_id}}' \
--data-urlencode 'client_secret={{client_secret}}' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=refer_child_merchant'

Response parameters

access_tokenThis parameter contains the access token.453226e88f0e6d1
token_typeThis parameter contains any of the following token type:Bearer
expires_inThis parameter contains the time (in seconds) at which the token shall expire from the creation time. The creation time can be found in the created_at time.2591999
scopeThis parameter contains the scope as specified in the request.refer_child_merchant
created_atThis parameter contains the time stamp when the token was created.1642509515

Sample response

The following sample response for each scenario is in JSON format:

  • Create Child Merchant is Successful
    "access_token": "453226e88f0e6d18b24fe4eedb817b0ff096cb740f0354e4b133188555d2b151",
    "token_type": "Bearer",
    "expires_in": 2591999,
    "scope": "refer_child_merchant",
    "created_at": 1642509515
  • When the client_ID or secret code is unauthorised:
    "error": "invalid_client",
    "error_description": "Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method."
  • Incorrect scope or non-whitelisted scope
    "error": "invalid_scope",
    "error_description": "The requested scope is invalid, unknown, or malformed."