Vizit Public APIAPI
Authentication

Create a token

Exchange your M2M client credentials for a short-lived access token.

POST/auth/token

The returned token authenticates every other call in this API. This endpoint itself is unauthenticated — no token required to call it.

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

client_id*string

Machine-to-machine client ID issued by Vizit.

client_secret*string

Machine-to-machine client secret issued by Vizit.

audience*string

API audience identifier. Always https://ext.vizit.com.

organization*string

Auth0 organization ID issued by Vizit during onboarding. Required because the Auth0 client grant uses organization_usage: require.

grant_type*string

Must be "client_credentials"

Value in"client_credentials"

Response Body

application/json

application/json

curl -X POST "https://ext.vizit.com/auth/token" \  -H "Content-Type: application/json" \  -d '{    "client_id": "string",    "client_secret": "string",    "audience": "https://ext.vizit.com",    "organization": "string",    "grant_type": "client_credentials"  }'
{  "access_token": "string",  "token_type": "Bearer",  "expires_in": 86400}
{  "error": "string",  "error_description": "string"}