> ## Documentation Index
> Fetch the complete documentation index at: https://doc.lucidworks.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Request Access Token

> Use this API to generate an access token. 



## OpenAPI

````yaml /api-reference/saas/authentication.json post /oauth2/{auth}/v1/token
openapi: 3.1.0
info:
  title: Authentication
  version: '1.0'
  contact:
    name: Lucidworks
    url: https://lucidworks.com/
    email: support@lucidworks.com
  termsOfService: https://lucidworks.com/legal/developer-license-agreement/
  license:
    name: Lucidworks
    url: https://lucidworks.com/legal/developer-license-agreement/
  description: The Authentication API authenticates a user to use the Lucidworks AI APIs.
servers:
  - url: https://identity.lucidworks.com
    description: Production
security: []
tags:
  - name: Request Access Token
    description: Authenticate a user in Lucidworks AI.
paths:
  /oauth2/{auth}/v1/token:
    parameters:
      - $ref: '#/components/parameters/auth'
    post:
      tags:
        - Request Access Token
      summary: Request Access Token
      description: 'Use this API to generate an access token. '
      operationId: post-auth-token
      parameters:
        - $ref: '#/components/parameters/Cache-Control'
        - $ref: '#/components/parameters/Accept'
        - $ref: '#/components/parameters/scope'
        - $ref: '#/components/parameters/grant_type'
        - $ref: '#/components/parameters/Content-Type'
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/responseAuth'
        '401':
          $ref: '#/components/responses/response-error-401'
      security:
        - apiKey1: []
components:
  parameters:
    auth:
      name: auth
      in: path
      required: true
      schema:
        type: string
        enum:
          - ausao8uveaPmyhv0v357
      description: The authorization code used to generate an access token.
    Cache-Control:
      name: Cache-Control
      in: header
      required: true
      schema:
        type: string
        enum:
          - no-cache
      description: >-
        The `no-cache` request directive asks caches to validate the response
        with the origin server before reuse.
    Accept:
      name: Accept
      in: header
      required: true
      schema:
        type: string
        enum:
          - application/json
      description: >-
        The Accept request HTTP header indicates which content types the client
        can understand.
    scope:
      name: scope
      in: query
      required: true
      schema:
        type: string
        enum:
          - machinelearning.predict
          - machinelearning.model
          - commercestudio.rules
          - commercestudio.rewrites
      description: >-
        The value defines the scope of access requested.


        * For the token used by the Lucidworks AI API `usecase`, `prediction`,
        `async-prediction`, and `async-chunking` endpoints, use `"scope":
        "machinelearning.predict"`.

        * For the token used by the Lucidworks AI API `model` endpoint, use
        `"scope": "machinelearning.model"`.

        * For the token used by the Commerce Studio Rules & Rewrites API rule
        operations, use `"scope": "commercestudio.rules"`.

        * For the token used by the Commerce Studio Rules & Rewrites API query
        rewrite operations, use `"scope": "commercestudio.rewrites"`.
    grant_type:
      name: grant_type
      in: query
      required: true
      schema:
        type: string
        enum:
          - client_credentials
      description: >-
        The `client_credentials` grant type is used by clients to obtain an
        access token in the context of the client itself, not the user.
    Content-Type:
      name: Content-Type
      in: header
      required: true
      schema:
        type: string
        enum:
          - application/x-www-form-urlencoded
        example: application/x-www-form-urlencoded
      description: >-
        The Content-Type header indicates the original media type of the
        resource.
  schemas:
    responseAuth:
      description: >-
        The token response object, which contains the `access_token` required by
        operation APIs. 
      type: object
      example:
        token_type: Bearer
        expires_in: 3600
        access_token: >-
          gyJraWQiOiJmQlBVTF90d2ZkMy3oRjhYejRZTmRjRFROS1hzWW1xVXNqTkJjTmpaVEg4IiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULmx1Yk9ZZjk3bHFjZnlodVd2SDFCN1NBVnpOZW83NXlHYTktOG12WmtxZ28iLCJpc3MiOiJodHRwczovL2lkZW50aXR5LWRldi5sdWNpZHdvcmtzLmNvbS9vYXV0aDIvYXVzemNrM2FiY1pCYzZkWlYxZDYiLCJhdWQiOiJodHRwczovL2FwaS5sdWNpZHdvcmtzLmRldiIsImlhdCI6MTY0MzgyMzcxMiwiZXhwIjoxNjQzODI3MrEyLCJjaWQiOiIwb2ExOHI2aHFsWUFpNFRXZTFkNyIsInNjcCI6WyJjb25uZWN0ZWRzZXJ2aWNlLnF1ZXJ5Il0sInN1YiI6IjBvYTE4cjZocWxZQWk0VFdlMWQ3IiwiY3VzdG9tZXJJZCI6IjNmOTIzMzM1LWYyZTEtNGNlZC1hZDY0LTQwMDA1NDE3MzJkYiJ9.oz2tmexkkMWco5A_XT_QnNq11ssvte0HCXts8X-N7oz4-lk36jAIM0dH9IutodGR7_7NTVjM8-lvvfM6s5I7qp0mRh-svb8LR357mFxH1x7_qF4uj6y4DTnGFJoaBiqqEiuc1vMI1oq0nGKBg04dnJ6yjAV1cdCuhY7wDDXxMETETDc1PsXQmCqgkvkVFdKkFspK2WSSZn_R3dn28aG-juDTNMxaHsDwUpXenBl-3fTN9EOcTwuD5awp7CBlPIzBk1akZDoDH0qLdfuPD-mUnQS2rPn2DsM1HQ5sHTG5T27FThyvoTv0i4dZ7hkdWqapFLrdld7sSQr_Z92d-wz5gZ
        scope: machinelearning.predict
      properties:
        token_type:
          type: string
          minLength: 1
          enum:
            - Bearer
          description: The token type, which is always a bearer token.
        expires_in:
          type: integer
          enum:
            - 3600
          description: >-
            The number of seconds before the `access_token` expires. Auth tokens
            expire in 1 hour. A new token is required after that time. 
        access_token:
          type: string
          minLength: 500
          description: This value is used for the **Token** parameter required by the API.
          pattern: '[-a-zA-Z0-9._~+/]+=*'
          maxLength: 1000
        scope:
          type: string
          minLength: 1
          description: >-
            The value defines the scope of access granted and matches the
            `scope` value from the request. 


            For the token used by the Lucidworks AI API `model` endpoint, use
            `"scope": "machinelearning.model"`.


            For the token used by all other Lucidworks AI endpoints, use
            `"scope": "machinelearning.predict"`.


            For the token used by the Commerce Studio Rules & Rewrites API rule
            operations, use `"scope": "commercestudio.rules"`.


            For the token used by the Commerce Studio Rules & Rewrites API query
            rewrite operations, use `"scope": "commercestudio.rewrites"`.
          enum:
            - machinelearning.predict
            - machinelearning.model
            - commercestudio.rules
            - commercestudio.rewrites
      required:
        - token_type
        - expires_in
        - access_token
        - scope
  responses:
    response-error-401:
      description: Unauthorized
      content:
        application/json:
          schema:
            description: ''
            x-examples:
              example-1:
                error: invalid_client
                error_description: >-
                  Browser requests to the token endpoint must use Proof Key for
                  Code Exchange.
              example-2:
                error: invalid_client
                error_description: >-
                  The client secret supplied for a confidential client is
                  invalid.
            oneOf:
              - properties:
                  error:
                    type: string
                    minLength: 1
                    enum:
                      - invalid_client
                  error_description:
                    type: string
                    minLength: 1
                    enum:
                      - >-
                        The browser requests to the token endpoint must use
                        Proof Key for Code Exchange.
                required:
                  - error
                  - error_description
            type: object
  securitySchemes:
    apiKey1:
      type: http
      scheme: basic
      description: >-
        The Authentication API is used by multiple Lucidworks products such as
        Lucidworks AI and Commerce Studio. The scope value in the request is
        unique to the product accessing the API.


        The **Client ID** is used for the **Username** value, and the **Client
        Secret** is used for the **Password** value. 




        > #### How do I regenerate my client secret?

        >

        > Contact support if you need to regenerate your client secret.

````