post https://identbeta.familysearch.org/cis-web/oauth2/v3/token
The Access Token resource is used to obtain an access token to be used for the FamilySearch API.
An access token can be obtained by using one of the following authentication "grant types":
- Authorization Code. This grant type is used by online web clients where a user is directed to FamilySearch.org to provide login name and password credentials. An authorization code is provided which is used to obtain an access token. For more information, see the Authorization resource and RFC 6749, Section 4.1.
- Unauthenticated Session. This grant type allows the client to obtain an access token without requiring a user's credentials. Not all endpoints allow access via an unauthenticated session.
- Client Credentials. This grant type authenticates the service account associated with the client. This is not available for general use. To obtain client credential authentication, you must first contact [email protected] to obtain special permission and assignment. For more information see the Authentication Guide.
An access token is obtained by issuing a POST request to the Access Token resource with the parameters appropriate to the grant type being used. The result of a successful request will be a JSON object containing (among other things) the access token as described by RFC 6749, Section 4.
An access token expires 24 hours after it is issued or after it is unused for 60 continuous minutes.
Failure to obtain an access token will result in a response as described in RFC 6749, Section 5.2.
To delete an access token, use the Logout resource.