> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fourthwall.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Exchange Token

> OAuth 2.0 token endpoint. Supports 'authorization_code' grant type for exchanging authorization codes for tokens, and 'refresh_token' grant type for refreshing access tokens.



## OpenAPI

````yaml POST /open-api/v1.0/platform/token
openapi: 3.1.0
info:
  title: Fourthwall APIs
  description: Service used for management of orders, carts, and payments.
  termsOfService: https://fourthwall.com/terms-of-service
  contact:
    name: Backend team
    url: https://fourthwall.com
    email: backend@fourthwall.com
  version: unspecified
servers:
  - url: https://api.fourthwall.com
    description: Production server
security: []
externalDocs:
  description: OpenAPI documentation
  url: https://docs.fourthwall.com
paths:
  /open-api/v1.0/platform/token:
    post:
      tags:
        - Platform Tokens
      summary: Exchange authorization code or refresh token for access token
      description: >-
        OAuth 2.0 token endpoint. Supports 'authorization_code' grant type for
        exchanging authorization codes for tokens, and 'refresh_token' grant
        type for refreshing access tokens.
      operationId: exchange-token
      requestBody:
        content:
          application/x-www-form-urlencoded:
            schema:
              $ref: >-
                #/components/schemas/com.fourthwall.app.openapi.endpoint.TokenRequest
          application/json:
            schema:
              $ref: >-
                #/components/schemas/com.fourthwall.app.openapi.endpoint.TokenRequest
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                type: object
      externalDocs:
        url: >-
          https://docs.fourthwall.com/api-reference/platform/platform-token/exchange-token
components:
  schemas:
    com.fourthwall.app.openapi.endpoint.TokenRequest:
      type: object
      description: OAuth 2.0 token request
      properties:
        client_id:
          type: string
          description: OAuth application client ID
          example: app_12345
        client_secret:
          type: string
          description: OAuth application client secret (required for confidential clients)
        redirect_uri:
          type: string
          description: >-
            Redirect URI used during authorization (required for
            authorization_code grant)
          example: https://example.com/callback
        grant_type:
          type: string
          description: OAuth grant type
          enum:
            - authorization_code
            - refresh_token
          example: authorization_code
        code:
          type: string
          description: Authorization code (required for authorization_code grant)
        refresh_token:
          type: string
          description: Refresh token (required for refresh_token grant)
        code_verifier:
          type: string
          description: >-
            PKCE code verifier (required for public clients using
            authorization_code grant)
      required:
        - client_id
        - grant_type
      title: Token Request

````