> ## Documentation Index
> Fetch the complete documentation index at: https://docs-platform.crewai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create an access token

> Exchange service account client credentials for an opaque bearer access token. Use HTTP Basic auth with `client_id` as the username and `client_secret` as the password; the header is `Authorization: Basic <base64(client_id:client_secret)>`.



## OpenAPI

````yaml /openapi/platform-auth.yaml post /oauth/token
openapi: 3.0.1
info:
  title: CrewAI Platform Authentication
  version: '1.0'
  description: OAuth endpoints for CrewAI Platform authentication.
servers:
  - url: https://app.crewai.com
    description: Current CrewAI Platform host
security: []
tags:
  - name: Authentication
    description: Token issuance and API authentication.
paths:
  /oauth/token:
    post:
      tags:
        - Authentication
      summary: Create an access token
      description: >-
        Exchange service account client credentials for an opaque bearer access
        token. Use HTTP Basic auth with `client_id` as the username and
        `client_secret` as the password; the header is `Authorization: Basic
        <base64(client_id:client_secret)>`.
      operationId: createAccessToken
      parameters: []
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              required:
                - grant_type
              additionalProperties: false
              properties:
                grant_type:
                  type: string
                  enum:
                    - client_credentials
                  example: client_credentials
      responses:
        '200':
          description: OK
          content:
            application/json:
              examples:
                success:
                  value:
                    access_token: sat_abc123
                    token_type: Bearer
                    expires_in: 3600
                  summary: Access token issued
              schema:
                type: object
                required:
                  - access_token
                  - token_type
                  - expires_in
                additionalProperties: false
                properties:
                  access_token:
                    type: string
                    example: sat_abc123
                  token_type:
                    type: string
                    enum:
                      - Bearer
                    example: Bearer
                  expires_in:
                    type: integer
                    example: 3600
        '400':
          description: Bad Request
          content:
            application/json:
              examples:
                unsupported_grant_type:
                  value:
                    error: unsupported_grant_type
                    error_description: grant_type must be client_credentials.
                  summary: Unsupported grant type
              schema:
                type: object
                required:
                  - error
                  - error_description
                additionalProperties: false
                properties:
                  error:
                    type: string
                    enum:
                      - invalid_request
                      - unsupported_grant_type
                    example: unsupported_grant_type
                  error_description:
                    type: string
                    example: grant_type must be client_credentials.
        '401':
          description: Unauthorized
          content:
            application/json:
              examples:
                invalid_client:
                  value:
                    error: invalid_client
                    error_description: Client authentication failed.
                  summary: Invalid client credentials
              schema:
                type: object
                required:
                  - error
                  - error_description
                additionalProperties: false
                properties:
                  error:
                    type: string
                    enum:
                      - invalid_client
                    example: invalid_client
                  error_description:
                    type: string
                    example: Client authentication failed.
        '429':
          description: Too Many Requests
          headers:
            Retry-After:
              schema:
                type: string
                example: '60'
          content:
            application/json:
              examples:
                rate_limited:
                  value:
                    error: temporarily_unavailable
                    error_description: >-
                      Too many token requests. Cache access tokens until they
                      expire and retry later.
                  summary: Token request rate limited
              schema:
                type: object
                required:
                  - error
                  - error_description
                additionalProperties: false
                properties:
                  error:
                    type: string
                    enum:
                      - temporarily_unavailable
                    example: temporarily_unavailable
                  error_description:
                    type: string
                    example: >-
                      Too many token requests. Cache access tokens until they
                      expire and retry later.
      security:
        - clientBasicAuth: []
components:
  securitySchemes:
    clientBasicAuth:
      type: http
      scheme: basic
      description: >-
        Authenticate with HTTP Basic auth using the service account client_id as
        the username and client_secret as the password. The Authorization header
        value is `Basic <base64(client_id:client_secret)>`.

````