# Access Token Exchange

This function is used to request exchanging a Client GUID and Auth Token for an Access Token.


- Host Direct
- Locally Installed UTG
- Commerce Engine For On Premise
- Commerce Engine For Cloud

See the Integration Methods and URLs Section sections of the Development Quick Start guide for details regarding each processing option.


Endpoint: POST /credentials/accesstoken
Version: 1.7.43

## Header parameters:

  - `InterfaceVersion` (string, required)
    Refers to the version of the program or application that is sending requests to Shift4. The following special characters are not allowed:  $ % : ^ - ~  , ? “ ” ‘ ’ { } [ ] \ + =
    Example: "2.1"

  - `InterfaceName` (string, required)
    Refers to the name of the program or application that is sending requests to Shift4. This should be the name of the program that you purchased or created. The following special characters are not allowed:  $ % : ^ - ~ `  , ? “ ” ‘ ’ { } [ ] \ + =
    Example: "ForwardPOS"

  - `CompanyName` (string, required)
    Refers to the vendor or partner that designed and certified the interface. The information you use in this field should match what Shift4 has on file or what was agreed upon in your Integration Plan. The following special characters are not allowed:  $ % : ^ - ~ `  , ? “ ” ‘ ’ { } [ ] \ + =
    Example: "PAWS"

## Request fields (application/json):

  - `dateTime` (string, required)
    The date and time in ISO 8601 format including the timezone offset (yyyy-mm-ddThh:mm:ss.nnn+hh:mm).

Must be sent as the local date/time of the merchant. For example, a request processed at a merchant in the Pacific time zone at 9:18am on April 15th 2021 would be sent as 2021-04-15T09:18:23.283-07:00

  - `credential` (object, required)

  - `credential.authToken` (string, required)
    A unique encrypted identifier that refers to a specific merchant account. It is required when making an [Access Token Exchange](/apis/payments-platform-rest/openapi/credentials/accesstokenexchange) request. For detailed information about the AuthToken, please see [Authentication](/guides/quickstart#access-token-exchange)

  - `credential.clientGuid` (string, required)
    The Client GUID is a unique identifier that is used to identify an interface across all of the merchant accounts that use it. The same Client GUID can be used for all versions of the same interface. If a completely new interface is certified, then you will receive a new Client GUID, which must be hard coded into the application and must not be a configurable field. The Client GUID is required when making an [Access Token Exchange](/apis/payments-platform-rest/openapi/credentials/accesstokenexchange). For detailed information about the Client GUID, please see [Authentication](/guides/quickstart#access-token-exchange).

## Response 200 fields (application/json):

  - `result` (array)

  - `result.dateTime` (string)
    The date and time in ISO 8601 format including the timezone offset (yyyy-mm-ddThh:mm:ss.nnn+hh:mm).

Must be sent as the local date/time of the merchant. For example, a request processed at a merchant in the Pacific time zone at 9:18am on April 15th 2021 would be sent as 2021-04-15T09:18:23.283-07:00

  - `result.credential` (object)

  - `result.credential.accessToken` (string)
    A security credential used to authenticate API requests and all [i4Go®](https://s4-myportal.s3.amazonaws.com/downloads/documentation/i4go/i4go%20technical%20reference%20guide.pdf) authorizeClient/preauthorizeClient requests. An Access Token is the alias for the merchant account and interface being used. The Access Token is required in all requests except an [Access Token Exchange](/apis/payments-platform-rest/openapi/credentials/accesstokenexchange) request, which generates an Access Token using an  and .

  - `result.server` (object)

  - `result.server.name` (string)
    The name of the server that processed the request.

## Response 400 fields (application/json):

  - `result` (array)

  - `result.error` (object)

  - `result.error.code` (integer)
    Code indicating the type of error that occurred. Refer to the [Error Codes](/guides/appendices/error-codes) section of this document for more details.

  - `result.error.severity` (string)
    Severity level of the error.

| Severity | Description                                                       |
| -------- | ----------------------------------------------------------------  |
| Info     | Action not required - Data input/formatting is incorrect          |
| Error    | Action may be required - Communication, timeout or network issue  |
| Alert    | Action required - System issue                                    |
    Enum: "Info", "Error", "Alert"

  - `result.error.shortText` (string)
    Abbreviated error message that is always returned if an error condition exists

  - `result.error.longText` (string)
    Extended error message that is returned if an error condition exists.

  - `result.error.primaryCode` (integer)
    Code indicating the type of error that occurred. Refer to the [Error Codes](/guides/appendices/error-codes) section of this document for more details.

  - `result.error.secondaryCode` (integer)
    This code supplements the code specified in the  field to provide additional information about the error that occurred.

  - `result.server` (object)

  - `result.server.name` (string)
    The name of the server that processed the request.

## Response 504 fields (application/json):

  - `result` (array)

  - `result.error` (object)

  - `result.error.code` (integer)
    Code indicating the type of error that occurred. Refer to the [Error Codes](/guides/appendices/error-codes) section of this document for more details.

  - `result.error.severity` (string)
    Severity level of the error.

| Severity | Description                                                       |
| -------- | ----------------------------------------------------------------  |
| Info     | Action not required - Data input/formatting is incorrect          |
| Error    | Action may be required - Communication, timeout or network issue  |
| Alert    | Action required - System issue                                    |
    Enum: "Info", "Error", "Alert"

  - `result.error.shortText` (string)
    Abbreviated error message that is always returned if an error condition exists

  - `result.error.longText` (string)
    Extended error message that is returned if an error condition exists.

  - `result.error.primaryCode` (integer)
    Code indicating the type of error that occurred. Refer to the [Error Codes](/guides/appendices/error-codes) section of this document for more details.

  - `result.error.secondaryCode` (integer)
    This code supplements the code specified in the  field to provide additional information about the error that occurred.

  - `result.lighthouse` (object)

  - `result.lighthouse.data` (string)
    Base64 encoded JSON formatted data that will be returned from Lighthouse to be passed back to SkyTab. This data will contain variable information.

  - `result.server` (object)

  - `result.server.name` (string)
    The name of the server that processed the request.