• User Guide
    • Security Notes
      Security Notes
    • Online/Desktop Apps
      • Account Management
        • Create Account
          Create Account
        • Log in to Account
          Log in to Account
        • Backup Seed Phrase
          Backup Seed Phrase
        • Recover Account
          Recover Account
        • Find Out Your Waves.Exchange Address
          Find Out Your Waves.Exchange Address
        • Create Personal Alias
          Create Personal Alias
        • Import From Waves Keeper
          Import From Waves Keeper
        • Use Ledger Nano Devices With Waves.Exchange
          Use Ledger Nano Devices With Waves.Exchange
        Account Management
      • Asset Management
        • Transfer Cryptocurrency
          • Transactions Tab
            Transactions Tab
          Transfer Cryptocurrency
        • Buy Cryptocurrency with a Bank Card
          • How to Use Advanced Cash
            How to Use Advanced Cash
          Buy Cryptocurrency with a Bank Card
        • Stake Asset
          • OTC Service
            OTC Service
          • Swap WAVES/USDN
            Swap WAVES/USDN
          • How to Get USDN (Quick Guide)
            How to Get USDN (Quick Guide)
          • How to Get USDT/USDC/BTC/ETH (Quick Guide)
            How to Get USDT/USDC/BTC/ETH (Quick Guide)
          Stake Asset
        • Lambo Investments
          Lambo Investments
        • Algorithmic Trading
          Algorithmic Trading
        • Neutrino Governance
          Neutrino Governance
        • Neutrino Pools
          Neutrino Pools
        • Swap DeFo
          Swap DeFo
        • Create Asset
          Create Asset
        • Distribute Asset
          Distribute Asset
        • Reissue Asset
          Reissue Asset
        • Change Reissuable to Not Reissuable
          Change Reissuable to Not Reissuable
        • Burn Asset
          Burn Asset
        • Sponsored Transaction
          Sponsored Transaction
        • Sponsored Fee
          Sponsored Fee
        Asset Management
      • Advanced Features
        • Script Transaction
          Script Transaction
        • JSON Confirmation
          JSON Confirmation
        Advanced Features
      • Start Trading on Waves.Exchange
        Start Trading on Waves.Exchange
      • Leverage
        Leverage
      Online/Desktop Apps
    • Mobile Apps
      • Account Management
        • Create Account
          Create Account
        • Log in to Account
          Log in to Account
        • Recover Account
          Recover Account
        • Find Out Your Waves.Exchange Address
          Find Out Your Waves.Exchange Address
        • Create Personal Alias
          Create Personal Alias
        Account Management
      • Asset Management
        • Transfer Cryptocyrrency
          Transfer Cryptocyrrency
        • Buy Cryptocurrency with a Bank Card
          Buy Cryptocurrency with a Bank Card
        • Stake WAVES
          Stake WAVES
        • Stake USDN
          Stake USDN
        • Burn Asset
          Burn Asset
        Asset Management
      • Start Trading on Waves.Exchange
        Start Trading on Waves.Exchange
      Mobile Apps
    User Guide
  • API and Library
    • CCXT
      CCXT
    • Fees
      Fees
    • Payment API
      Payment API
    • Web Auth API
      Web Auth API
    • Gateway API
      • Access Token
        • Get Access Token in Waves.Exchange App
          Get Access Token in Waves.Exchange App
        • POST /v1/oauth2/token
          POST /v1/oauth2/token
        Access Token
      • Deposit
        • GET /v1/deposit/addresses/{currency}
          GET /v1/deposit/addresses/{currency}
        • GET /v1/deposit/currencies
          GET /v1/deposit/currencies
        • GET /v1/deposit/currencies/{currency}
          GET /v1/deposit/currencies/{currency}
        • Terms of Deposit
          Terms of Deposit
        Deposit
      • Withdraw
        • GET /v1/withdraw/addresses/{currency}/{address}
          GET /v1/withdraw/addresses/{currency}/{address}
        • GET /v1/withdraw/currencies
          GET /v1/withdraw/currencies
        • GET /v1/withdraw/currencies/{currency}
          GET /v1/withdraw/currencies/{currency}
        • Terms of Withdrawal
          Terms of Withdrawal
        Withdraw
      • Movements History
        Movements History
      • Platforms List
        Platforms List
      • Crosschain Supply Consistency
        Crosschain Supply Consistency
      • Error Codes
        Error Codes
      Gateway API
    • Matcher
      • Waves.Exchange Protocol
        Waves.Exchange Protocol
      • Matcher Fee
        Matcher Fee
      • Install Matcher on Ubuntu From Deb-package
        Install Matcher on Ubuntu From Deb-package
      • Matcher Settings
        Matcher Settings
      • Matcher API
        • Order Validation
          Order Validation
        • Exchange Transation Validation
          Exchange Transation Validation
        Matcher API
      Matcher
    API and Library
  • Glossary
    Glossary
      • English
      • Русский
      On this page
        • Access Token Initial Obtaining
          • Request parameters
          • Response JSON Example
          • Response Parameters
          • JavaScript Example
        • Reissue Access Token
          • Request parameters
          • Response JSON Example
          • JavaScript Example

          # POST /v1/oauth2/token

          Returns access token as well as refresh token.

          When the access token is expired, your app can obtain a new token as described in Reissue Access Token section below.

          This method requires HTTP header Content-type: application/x-www-form-urlencoded.

          # Access Token Initial Obtaining

          POST /v1/oauth2/token
          Content-type: application/x-www-form-urlencoded
          
          {
            "grant_type": "password",
            "scope": "general",
            "username": "(string)",
            "password" "(string)",
            "client_id": "waves.exchange"
          }
          

          # Request parameters

          Field name Description
          grant_type To initially obtain an access token specify password
          scope Specify general
          username User's public key (opens new window)
          password Generate password as follows:
          1. Join chain ID (opens new window) character with client_id string and with token expiration Unix timestamp in seconds, using ':' separator. For example, W:waves.exchange:1584651600.
          2. Convert this string to bytes.
          3. Add [255, 255, 255, 1] prefix.
          4. Generate Curve25519 (opens new window) signature of bytes using user's private key (opens new window).
          5. Join token expiration Unix timestamp in seconds with base58 encoded signature, using ':' separator. For example, 1584651600:3BU36da1h6Bzhs4tKcfkCsXWi4vEgP8eQD7rkGWJdxbRfNpky6p3p7mUJWEL9ejDsasS8nWu1g6tZpsX4.
          ⚠️Token expiration timestamp must be no more than a week from the current time.
          See also the JavaScript Example section below.
          client_id For Gateway API specify waves.exchange

          # Response JSON Example

          {
            "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWduYXR1cmUiOiI2MUppRFBQWUZya2pw...",
            "token_type": "bearer",
            "expires_in": 1584651600,
            "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWduYXR1cmUiOiI2MUppRFBQWUZya2pw..."
          }
          

          # Response Parameters

          Field name Description
          access_token Access token to use in API requests
          token_type Type of token issued. Always takes the value bearer
          expires_in Access token expiration timestamp: Unix time in seconds
          refresh_token Refresh token. After access token expiration you can exchange refresh token for a new access token, see the Reissue Access Token section below

          # JavaScript Example

          The example uses waves-transactions library, see documentation (opens new window) on Github.

          import { libs } from "@waves/waves-transactions";
          
          const seed = "insert your seed here";
          const chain_code = "W"; // "T" for Testnet
          const client_id = "waves.exchange";
          const seconds = Math.round((Date.now() + 1000 * 60 * 60 * 24 * 7) / 1000); // Token for a week
          
          const bytes = [255, 255, 255, 1, ...libs.crypto.stringToBytes(`${chain_code}:${client_id}:${seconds}`)];
          const signature = libs.crypto.signBytes(seed, bytes);            
          
          fetch('https://api.waves.exchange/v1/oauth2/token', {
              method: 'POST',
              headers: {
                  'Content-type': 'application/x-www-form-urlencoded'
              },
              body: [
                  "grant_type=password",
                  "scope=general",
                  `username=${encodeURIComponent(libs.crypto.publicKey(seed))}`,
                  "password=" + encodeURIComponent(`${seconds}:${signature}`),
                  `client_id=${client_id}`
              ].join('&')
          });
          

          # Reissue Access Token

          POST /v1/oauth2/token
          Content-type: application/x-www-form-urlencoded
          
          {
            "grant_type": "refresh_token",
            "scope": "general",
            "client_id": "waves.exchange",
            "refresh_token": "(string)"
          }
          

          # Request parameters

          Field name Description
          grant_type To exchange a refresh token for a new access token specify refresh_token
          scope Specify general
          client_id For Gateway API specify waves.exchange
          refresh_token Refresh token. After access token expiration you can exchange refresh token for a new access token

          # Response JSON Example

          {
            "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWduYXR1cmUiOiI2MUppRFBQWUZya2pw...",
            "token_type": "bearer",
            "expires_in": 1584109637,
            "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWduYXR1cmUiOiI2MUppRFBQWUZya2pw..."
          }
          

          Response parameters are the same as described in the Access Token Initial Obtaining section.

          # JavaScript Example

          const refresh_token = "insert your refresh token here";
          const client_id = "waves.exchange";
          
          fetch('https://api.waves.exchange/v1/oauth2/token', {
              method: 'POST',
              headers: {
                  'Content-type': 'application/x-www-form-urlencoded'
              },
              body: [
                  "grant_type=refresh_token",
                  "scope=general",
                  `refresh_token=${refresh_token}`,
                  `client_id=${client_id}`
              ].join('&')
          });
          
          Get Access Token in Waves.Exchange App
          Deposit
          Get Access Token in Waves.Exchange App
          Deposit