> ## Documentation Index
> Fetch the complete documentation index at: https://developers.criteo.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

## Introduction

To get started with our APIs, you will need to use the endpoint below to generate an Access Token, with your API credentials or authorization code. The Access Token is a Bearer token that needs to be included in the Authorization Header of all API requests. Multiple tokens may be generated and each is valid for 15 minutes, or 900 seconds

***

## Endpoint

### Generate an Access Token

```http theme={null}
POST https://api.criteo.com/oauth2/token
```

<Info>
  If you receive a `401 Unauthorized` HTTP status code, it means your access token has expired. Generate a new token to continue making authenticated requests.
</Info>

<Info>
  **Reference**
  You can find this endpoint in [our Reference section](/marketing-solutions/v2025.10/reference/oauth/v-1-oauth-2-token-post) as well.
</Info>

***

## Parameters

<table>
  <thead>
    <tr>
      <th>
        <p>
          Parameter
        </p>
      </th>

      <th>
        <p>
          Type
        </p>
      </th>

      <th>
        <p>
          Description
        </p>
      </th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td>
        <p>
          <code>
            client\_id
          </code>
        </p>
      </td>

      <td>
        <p>
          string
        </p>
      </td>

      <td>
        <p>
          Please see below for instructions on getting your credentials through

          <a href="https://partners.criteo.com">
            Partner Dashboard
          </a>
        </p>
      </td>
    </tr>

    <tr>
      <td>
        <p>
          <code>
            client\_secret
          </code>
        </p>
      </td>

      <td>
        <p>
          string
        </p>
      </td>

      <td>
        <p>
          Please see below for instructions on getting your credentials through

          <a href="https://partners.criteo.com">
            Partner Dashboard
          </a>
        </p>
      </td>
    </tr>

    <tr>
      <td>
        <p>
          <code>
            grant\_type
          </code>
        </p>
      </td>

      <td>
        <p>
          string
        </p>
      </td>

      <td>
        <p>
          Must be

          <code>
            client\_credentials
          </code>

          or

          <code>
            authorization\_code
          </code>
        </p>
      </td>
    </tr>

    <tr>
      <td>
        <p>
          <code>
            code
          </code>
        </p>
      </td>

      <td>
        <p>
          string
        </p>
      </td>

      <td>
        <p>
          <b>
            Only for Authorization Code apps
          </b>

          . Authorization code returned during redirection
        </p>
      </td>
    </tr>

    <tr>
      <td>
        <p>
          <code>
            redirect\_uri
          </code>
        </p>
      </td>

      <td>
        <p>
          string
        </p>
      </td>

      <td>
        <p>
          <b>
            Only for Authorization Code apps
          </b>

          . Must match the

          <code>
            redirect\_uri
          </code>

          used for the authorization request.
        </p>
      </td>
    </tr>
  </tbody>
</table>

***

## Generate an Access Token

* This endpoint generates a new access token using your API credentials or authorization code.
* To comply with the OAuth2 standards of using `client_credentials`, Criteo API authorization supports `Content-Type: application/x-www-form-urlencoded`, as shown in the example below:

<CodeGroup>
  ```http POST theme={null}
  POST https://api.criteo.com/oauth2/token
  ```

  ```bash Bash theme={null}
  # Sample Request
    
  curl --location --request POST 'https://api.criteo.com/oauth2/token'   --header 'Content-Type: application/x-www-form-urlencoded'   --data-urlencode 'client_id=CLIENT_ID'   --data-urlencode 'client_secret=CLIENT_SECRET'   --data-urlencode 'grant_type=client_credentials'
   
  # Sample Response
    
  {
      "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA",
      "token_type": "Bearer",
      "expires_in": 900
  }
  ```
</CodeGroup>

<Warning>
  **Mandatory Content-Type header**

  Please ensure you include `Content-Type: application/x-www-form-urlencoded` header in your call to the `/oauth2/token` endpoint.
</Warning>

***

## Use an Access Token

Once you have obtained your access token, you can authenticate for all subsequent requests by including an `Authorization` HTTP header, as shown in the example below:

```http Header theme={null}
GET
https://api.criteo.com/2020-10/advertisers/me

Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA
Accept: text/plain
Content-Type: application/*+json
```

<Info>
  **OAuth Flow**

  You can find more details about how to implement OAuth flow for the different authentication methods in our [OAuth implementation](/marketing-solutions/v2025.10/docs/oauth-implementation) guides.
</Info>

## What's next

* [OAuth Implementation](/marketing-solutions/v2025.10/docs/oauth-implementation)
* [/oauth2/token](/marketing-solutions/reference/authorization/get-token)
