Tokens
Exchange Token
Exchange an authorization code for an access token. Ignition returns an authCode as a query parameter at the redirectUrl upon successful completion of the Ignition flow.
Auth codes are ephemeral and expire after 10 minutes, while accessTokens do not expire.
POST
/
token
/
exchange
Header
Body
curl --request POST \
--url https://api.axle.insure/token/exchange \
--header 'Content-Type: application/json' \
--header 'x-client-id: <x-client-id>' \
--header 'x-client-secret: <x-client-secret>' \
--data '{
"authCode": "<string>"
}'
{
"data": {
"accessToken": "<string>",
"account": "<string>",
"policies": []
},
"success": true
}
Headers
x-client-id
string
requiredYour client ID. This will be shared with you during onboarding.
x-client-secret
string
requiredYour secret API key. This will be shared with you during onboarding and should be considered sensitive - it’s a password after all!
x-destination-client-id
string
The client ID of the destination client. This is optional and only used by platform clients. See the Axle for Platforms guide for more information.
Body
application/json
authCode
string
requiredThe authorization code obtained after a user successfully links their account via Ignition. Returned as a query parameter at the redirectUri.
Response
200 - application/json
data
object
requiredsuccess
boolean
requiredIndicates whether the operation was performed successfully.
curl --request POST \
--url https://api.axle.insure/token/exchange \
--header 'Content-Type: application/json' \
--header 'x-client-id: <x-client-id>' \
--header 'x-client-secret: <x-client-secret>' \
--data '{
"authCode": "<string>"
}'
{
"data": {
"accessToken": "<string>",
"account": "<string>",
"policies": []
},
"success": true
}