Token Exchange

The Token Exchange process is a critical step in the OAuth 2.0 flow, occurring after the user has granted permission to your application. This process involves exchanging the authorization code received from the Authorization Endpoint for an access token, which is then used to make authenticated requests to the Teachify API on behalf of the user.

Functionality

After receiving the authorization code, your application must make a secure server-to-server request to exchange this code for an access token.

Detailed Explanation of the Token Exchange Process

Purpose

The Token Exchange process serves to:

  1. Verify the authorization code’s validity
  2. Ensure the request is coming from the same client that initiated the authorization flow
  3. Provide a secure method to obtain access tokens

API Example

POST https://yourdomain.com/oauth/token HTTP/1.1
&code={authorization_code}
&redirect_uri={REDIRECT_URI}

Key Parameters

  • code: The authorization code received from the Authorization Endpoint.
  • redirect_uri: Must match the redirect URI used in the initial authorization request.

Sample Response

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "read write"
}

Fields Explained

  • access_token: The token used to authenticate requests to the Teachify API.
  • token_type: Indicates how the access token should be used, typically “Bearer”.
  • expires_in: The lifetime of the access token in seconds.
  • scope: The scopes granted to this access token.
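
Added example (not Teachify's own code): a server-side sketch in Python that builds the exchange request from the two documented parameters and validates the documented response fields before the token is stored. It assumes a form-encoded request body and a space-delimited scope string, and rejecting scopes beyond those requested is a policy choice added here. The function names, client.example and the token and code values are constructed, and any client credentials your deployment requires are not shown on this page and are omitted.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://yourdomain.com/oauth/token"  # endpoint shown on this page


def build_token_request(code, redirect_uri, token_url=TOKEN_URL):
    """Build the server-to-server POST carrying the two documented parameters."""
    if urllib.parse.urlsplit(token_url).scheme != "https":
        raise ValueError("token endpoint must use https")
    # Assumption: the body is form-encoded; the page does not state the encoding.
    body = urllib.parse.urlencode({"code": code, "redirect_uri": redirect_uri})
    return urllib.request.Request(
        token_url, data=body.encode("ascii"), method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def parse_token_response(raw, requested_scopes, now=None):
    """Validate the documented response fields; return token, scopes and expiry."""
    doc = json.loads(raw)
    token = doc.get("access_token")
    if not isinstance(token, str) or not token:
        raise ValueError("missing access_token")
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("unexpected token_type")
    lifetime = doc.get("expires_in")
    if isinstance(lifetime, bool) or not isinstance(lifetime, int) or lifetime <= 0:
        raise ValueError("invalid expires_in")
    granted = set(str(doc.get("scope", "")).split())
    extra = granted - set(requested_scopes)
    if extra:  # added policy: never accept more scope than was requested
        raise ValueError("scopes granted beyond the request: %s" % sorted(extra))
    now = time.time() if now is None else now
    return {"access_token": token, "scopes": granted, "expires_at": now + lifetime}


# Constructed sample response in the shape of the page's "Sample Response".
SAMPLE = (
    '{"access_token": "constructed-token", "token_type": "Bearer",'
    ' "expires_in": 3600, "scope": "read write"}'
)

if __name__ == "__main__":
    print(build_token_request("constructed-code", "https://client.example/cb").data.decode())
    print(parse_token_response(SAMPLE, {"read", "write"}, now=0)["expires_at"])
```

Keep the returned access token out of logs, and compare expires_at with the current time before each API call.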