Skip to main content


Symbl uses the OAuth2.0 Protocol for Authentication. To begin, get your API Credentials from Symbl Platform. Using these credentials you can then generate the Access Token to invoke Symbl API calls.

Step 1: Get your API Credentials#

The first step is to get your App ID and App Secret from the Symbl Platform. To do this, follow the steps given below:

  1. Log into Symbl Platform.

  2. From the homepage, copy your App ID and App Secret.


Ensure that you keep this Credentials safe and handy as you need it to generate the Access Token. However, you can always log back in and get the credentials anytime.

These credentials will be required every time you generate the Access Token.

Step 2: Generate the Access Token#

Once you have your API Credentials, you can generate the Access Token and use it in the API Authorization.

To generate the Access Token, make a POST request to the endpoint:

You must send your App ID and Secret in the request body. See the sample requests below:


The Node.js code works with Node.js 7+ and browsers. You will need to install the request library for the Node.js sample code.

curl -k -X POST "" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d $'{
"type" : "application",
"appId": "'$APP_ID'",
"appSecret": "'$APP_SECRET'"

Alternatively, you can also generate the Token from Postman using the cURL command given above.

On successful completion, the success message appears as shown below:

"accessToken": "your_accessToken",
"expiresIn": 86400

accessToken - Token to be used for authorization in the Authorization header. expiresIn - Duration in seconds after which the accessToken expires.

For any invalid appId and appSecret combination, the HTTP 401 Unauthorized response code will be returned.

You can now use this accessToken to authenticate yourself and invoke Symbl APIs.


expiresIn is the duration in seconds after which the Access Token expires. The default expiration time is 86400 seconds. You can generate the Token again after the expiration.

Regenerating Access Token#

To maximize security, we allow the Access Token to be used only for a default duration of 86400 secs. On the expiry, you can regenerate it using Step 2.

Also note that once a token is generated with an initial expiry of 86400, we will hold that in cache until it is near expiration. If you make a request to generate a token and there is still one cached, we will return that token with the remaining expiry time.