Get access token

curl --request POST \
  --url https://api.kajabi.com/v1/oauth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data 'username=<string>' \
  --data 'password=<string>' \
  --data 'client_id=<string>' \
  --data 'client_secret=<string>' \
  --data 'grant_type=<string>' \
  --data 'scope=<string>' \
  --data 'refresh_token=<string>'

{
  "access_token": "<string>",
  "refresh_token": "<string>",
  "token_type": "<string>",
  "expires_in": 123
}

Authentication

Get access token

Request `access_token` and `refresh_token`

There are three ways to exchange parameters for tokens

Provide client credentials client_id and client_secret
Provide a refresh_token
Provide username and password (client credentials is preferred)

Using grant_type=client_credentials

Only include params: client_id, client_secret, and grant_type.

The grant_type param value must be: client_credentials

Using grant_type=refresh_token

Only include params: refresh_token and grant_type.

The grant_type param value must be: refresh_token
The refresh_token must be a unexpired JWT token, from a prior client credential token grant.

Using username and password

Only include params: username and password.

Response

A successful response will provide access_token and refresh_token values.

Use the access_token in your Authorization header as a “Bearer” token to make authenticated requests to the API. E.g. GET https://api.kajabi.com/v1/me
Store the refresh_token to exchange for a new access_token when it expires.
Tokens may be invalidated using the v1/oauth/revoke endpoint to “log out”.

Attributes

access_token (string) - The access token for the API session
refresh_token (string) - The refresh token for the API session
token_type (string) - The type of token, always Bearer
expires_in (integer) - The number of seconds the access token will be valid for

POST

oauth

token

Get access token

curl --request POST \
  --url https://api.kajabi.com/v1/oauth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data 'username=<string>' \
  --data 'password=<string>' \
  --data 'client_id=<string>' \
  --data 'client_secret=<string>' \
  --data 'grant_type=<string>' \
  --data 'scope=<string>' \
  --data 'refresh_token=<string>'

{
  "access_token": "<string>",
  "refresh_token": "<string>",
  "token_type": "<string>",
  "expires_in": 123
}

Body

application/x-www-form-urlencoded

username

string

password

string

client_id

string

client_secret

string

grant_type

string

scope

string

refresh_token

string

Response

Authentication succeeded

access_token

string

refresh_token

string

token_type

string

expires_in

integer

Changelog

Revoke a token