Skip to main content
POST
/
auth
/
token
Get bearer token
curl --request POST \
  --url https://api.polygon.technology/v0.9/auth/token \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "apiKey": "sk_live_abc123...",
  "apiSecret": "opaque-bearer-secret..."
}
'
{
  "accessToken": "eyJhbGciOiJSUzI1NiIs...",
  "expiresIn": 3600,
  "expiresAt": "2023-11-07T05:31:56Z"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
apiKey
string
required

Secret API key identifier. Prefix encodes (mode, env): sk_live_… / sk_sdbx_… on prod; non-prod envs add an env infix (sk_dev_sdbx_…, sk_stg_live_…, …). The matching apiSecret is shown once at key creation and stored only as an HMAC hash.

Example:

"sk_live_abc123..."

apiSecret
string
required

Opaque secret revealed once at key creation; not a typeid.

Example:

"opaque-bearer-secret..."

Response

Token issued

accessToken
string
required
Example:

"eyJhbGciOiJSUzI1NiIs..."

tokenType
enum<string>
required
Available options:
bearer
expiresIn
integer
required
Example:

3600

expiresAt
string<date-time>
required