> ## Documentation Index > Fetch the complete documentation index at: https://developer.tryfinch.com/llms.txt > Use this file to discover all available pages before exploring further. # Create Access Token > Exchange the authorization code for an access token ## OpenAPI ````yaml post /auth/token openapi: 3.1.0 info: title: API Reference version: '2020-09-17' contact: {} description: >- The Finch HRIS API provides a unified way to connect to a multitide of HRIS systems. The API requires an access token issued by Finch. By default, Organization and Payroll requests use Finch's [Data Syncs](/developer-resources/Data-Syncs). If a request is made before the initial sync has completed, Finch will request data live from the provider. The latency on live requests may range from seconds to minutes depending on the provider and batch size. For automated integrations, Deductions requests (both read and write) are always made live to the provider. Latencies may range from seconds to minutes depending on the provider and batch size. Employer products are specified by the product parameter, a space-separated list of products that your application requests from an employer authenticating through Finch Connect. Valid product names are— - `company`: Read basic company data - `directory`: Read company directory and organization structure - `individual`: Read individual data, excluding income and employment data - `employment`: Read individual employment and income data - `payment`: Read payroll and contractor related payments by the company - `pay_statement`: Read detailed pay statements for each individual - `benefits`: Create and manage deductions and contributions and enrollment for an employer [![Open in Postman](https://run.pstmn.io/button.svg)](https://god.gw.postman.com/run-collection/21027137-08db0929-883d-4094-a9ce-dbf5a9bee4a4?action=collection%2Ffork&collection-url=entityId%3D21027137-08db0929-883d-4094-a9ce-dbf5a9bee4a4%26entityType%3Dcollection%26workspaceId%3D1edf19bc-e0a8-41e9-ac55-481a4b50790b) servers: - url: https://api.tryfinch.com description: '' security: [] tags: - name: Organization - name: Payroll - name: Deductions - name: Management - name: Sandbox paths: /auth/token: post: tags: - Management summary: Create Access Token description: Exchange the authorization code for an access token operationId: create-access-token parameters: - $ref: '#/components/parameters/API-Version' - $ref: '#/components/parameters/Content-Type' requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateAccessTokenRequest' responses: '200': description: Access Token content: application/json: schema: $ref: '#/components/schemas/CreateAccessTokenResponse' examples: Success: value: access_token: 7e965183-9332-423c-9259-3edafb332ad2 token_type: bearer connection_id: bc3a2af9-ce03-46c4-9142-81abe789c64d customer_id: '1234567890' customer_name: Acme Inc account_id: ac3a2af9-ce03-46c4-9142-81abe789c64d client_type: production company_id: 4ab15e51-11ad-49f4-acae-f343b7794375 connection_type: provider products: - directory - employment - individual provider_id: gusto entity_ids: - 550e8400-e29b-41d4-a716-446655440000 - 6ba7b810-9dad-11d1-80b4-00c04fd430c8 - 6ba7b811-9dad-11d1-80b4-00c04fd430c8 security: [] x-codeSamples: - lang: JavaScript source: >- import Finch from '@tryfinch/finch-api'; const client = new Finch(); const createAccessTokenResponse = await client.accessTokens.create({ code: 'code' }); console.log(createAccessTokenResponse.connection_id); - lang: Python source: |- from finch import Finch client = Finch() create_access_token_response = client.access_tokens.create( code="code", ) print(create_access_token_response.connection_id) - lang: Go source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\n\t\"github.com/Finch-API/finch-api-go\"\n\t\"github.com/Finch-API/finch-api-go/option\"\n)\n\nfunc main() {\n\tclient := finchgo.NewClient(\n\t\toption.WithAccessToken(\"My Access Token\"),\n\t\toption.WithClientID(\"4ab15e51-11ad-49f4-acae-f343b7794375\"),\n\t\toption.WithClientSecret(\"My Client Secret\"),\n\t)\n\tcreateAccessTokenResponse, err := client.AccessTokens.New(context.TODO(), finchgo.AccessTokenNewParams{\n\t\tCode: finchgo.F(\"code\"),\n\t})\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\tfmt.Printf(\"%+v\\n\", createAccessTokenResponse.ConnectionID)\n}\n" - lang: Java source: |- package com.tryfinch.api.example; import com.tryfinch.api.client.FinchClient; import com.tryfinch.api.client.okhttp.FinchOkHttpClient; import com.tryfinch.api.models.AccessTokenCreateParams; import com.tryfinch.api.models.CreateAccessTokenResponse; public final class Main { private Main() {} public static void main(String[] args) { FinchClient client = FinchOkHttpClient.builder() .fromEnv() .accessToken("My Access Token") .build(); AccessTokenCreateParams params = AccessTokenCreateParams.builder() .code("code") .build(); CreateAccessTokenResponse createAccessTokenResponse = client.accessTokens().create(params); } } - lang: Kotlin source: |- package com.tryfinch.api.example import com.tryfinch.api.client.FinchClient import com.tryfinch.api.client.okhttp.FinchOkHttpClient import com.tryfinch.api.models.AccessTokenCreateParams import com.tryfinch.api.models.CreateAccessTokenResponse fun main() { val client: FinchClient = FinchOkHttpClient.builder() .fromEnv() .accessToken("My Access Token") .build() val params: AccessTokenCreateParams = AccessTokenCreateParams.builder() .code("code") .build() val createAccessTokenResponse: CreateAccessTokenResponse = client.accessTokens().create(params) } - lang: Ruby source: >- require "finch_api" finch = FinchAPI::Client.new( access_token: "My Access Token", client_id: "4ab15e51-11ad-49f4-acae-f343b7794375", client_secret: "My Client Secret" ) create_access_token_response = finch.access_tokens.create(code: "code") puts(create_access_token_response) components: parameters: API-Version: name: Finch-API-Version in: header required: true schema: type: string default: '2020-09-17' format: date pattern: ([12]\d{3}-(0[1-9]|1[0-2])-(0[1-9]|[12]\d|3[01])) description: >- Header used to specify the version for a given API request. Current version is 2020-09-17. Content-Type: name: Content-Type in: header required: true schema: type: string default: application/json description: 'Used to indicate the original media type of the resource ' schemas: CreateAccessTokenRequest: type: object properties: client_id: type: string format: uuid description: The client ID for your application client_secret: type: string description: The client secret for your application code: type: string description: The authorization code received from the authorization server redirect_uri: type: string description: The redirect URI used in the authorization request (optional) required: - client_id - client_secret - code CreateAccessTokenResponse: type: object properties: access_token: type: string description: The access token for the connection token_type: type: string description: The RFC 8693 token type (Finch uses `bearer` tokens) connection_id: type: string description: The Finch UUID of the connection associated with the `access_token` customer_id: type: string nullable: true description: >- The ID of your customer you provided to Finch when a connect session was created for this connection customer_name: type: string nullable: true description: >- The name of your customer you provided to Finch when a connect session was created for this connection account_id: type: string description: >- [DEPRECATED] Use `connection_id` to identify the connection instead of this account ID deprecated: true client_type: $ref: '#/components/schemas/ClientType' company_id: type: string description: >- [DEPRECATED] Use `connection_id` to identify the connection instead of this company ID deprecated: true connection_type: $ref: '#/components/schemas/ConnectionType' products: type: array items: type: string description: >- An array of the authorized products associated with the `access_token` provider_id: type: string description: The ID of the provider associated with the `access_token` entity_ids: type: array items: type: string format: uuid description: An array of entity IDs that can be accessed with this access token required: - access_token - token_type - connection_id - client_type - connection_type - products - provider_id - entity_ids ClientType: type: string enum: - development - production - sandbox description: The type of application associated with a token. title: ClientType ConnectionType: type: string enum: - finch - provider description: |- The type of the connection associated with the token. - `provider` - connection to an external provider - `finch` - finch-generated data. title: ConnectionType ````