> ## Documentation Index
> Fetch the complete documentation index at: https://cobo.com/developers/llms.txt
> Use this file to discover all available pages before exploring further.
# Get Org Access Token
> This operation is only applicable to Cobo Portal App developers. To call this operation, you need to use the Cobo OAuth authentication method that requires an app key.
This operation allows Cobo Portal Apps to get an Org Access Token and a Refresh Token with a specified client ID, organization ID, and grant type.
Access tokens allow the app to signal to the WaaS service that it has received permission to access specific resources of the app user's [organization](https://manuals.cobo.com/en/portal/organization/introduction). Once the app has been granted permission by the organization's admin, it can use this operation to obtain both an Org Access Token and a Refresh Token.
For security purposes, Org Access Tokens expire after a certain period. Once they expire, the app needs to call [Refresh token](https://www.cobo.com/developers/v2/api-references/oauth/refresh-org-access-token) to get a new Org Access Token and a new Refresh Token.
Try [Cobo WaaS Skill](/v2/guides/overview/cobo-waas-skill) in your AI coding assistant (Claude Code, Cursor, etc.). Describe your needs in natural language to auto-generate production-ready SDK code and debug faster 🚀
```python Python theme={null}
import cobo_waas2
from cobo_waas2.models.get_token2_xx_response import GetToken2XXResponse
from cobo_waas2.rest import ApiException
from pprint import pprint
# See configuration.py for a list of all supported configurations.
configuration = cobo_waas2.Configuration(
# Replace `` with your private key
api_private_key="",
# Select the development environment. To use the production environment, change the URL to https://api.cobo.com/v2.
host="https://api.dev.cobo.com/v2",
)
# Enter a context with an instance of the API client
with cobo_waas2.ApiClient(configuration) as api_client:
# Create an instance of the API class
api_instance = cobo_waas2.OAuthApi(api_client)
client_id = "pvSwS8iFrfK0oZrB0ugG54XPDOLEv0Ij"
org_id = "e3986401-4aec-480a-973d-e775a4518413"
grant_type = "org_implicit"
try:
# Get Org Access Token
api_response = api_instance.get_token(client_id, org_id, grant_type)
print("The response of OAuthApi->get_token:\n")
pprint(api_response)
except Exception as e:
print("Exception when calling OAuthApi->get_token: %s\n" % e)
```
```java Java theme={null}
// Import classes:
import com.cobo.waas2.ApiClient;
import com.cobo.waas2.ApiException;
import com.cobo.waas2.Configuration;
import com.cobo.waas2.Env;
import com.cobo.waas2.api.OAuthApi;
import com.cobo.waas2.model.*;
public class Example {
public static void main(String[] args) {
ApiClient defaultClient = Configuration.getDefaultApiClient();
// Select the development environment. To use the production environment, replace `Env.DEV` with
// `Env.PROD
defaultClient.setEnv(Env.DEV);
// Replace `` with your private key
defaultClient.setPrivKey("");
OAuthApi apiInstance = new OAuthApi();
String clientId = "pvSwS8iFrfK0oZrB0ugG54XPDOLEv0Ij";
String orgId = "e3986401-4aec-480a-973d-e775a4518413";
String grantType = "org_implicit";
try {
GetToken2XXResponse result = apiInstance.getToken(clientId, orgId, grantType);
System.out.println(result);
} catch (ApiException e) {
System.err.println("Exception when calling OAuthApi#getToken");
System.err.println("Status code: " + e.getCode());
System.err.println("Reason: " + e.getResponseBody());
System.err.println("Response headers: " + e.getResponseHeaders());
e.printStackTrace();
}
}
}
```
```go Go theme={null}
package main
import (
"context"
"fmt"
coboWaas2 "github.com/CoboGlobal/cobo-waas2-go-sdk/cobo_waas2"
"github.com/CoboGlobal/cobo-waas2-go-sdk/cobo_waas2/crypto"
"os"
)
func main() {
clientId := "pvSwS8iFrfK0oZrB0ugG54XPDOLEv0Ij"
orgId := "e3986401-4aec-480a-973d-e775a4518413"
grantType := "org_implicit"
configuration := coboWaas2.NewConfiguration()
// Initialize the API client
apiClient := coboWaas2.NewAPIClient(configuration)
ctx := context.Background()
// Select the development environment. To use the production environment, replace coboWaas2.DevEnv with coboWaas2.ProdEnv
ctx = context.WithValue(ctx, coboWaas2.ContextEnv, coboWaas2.DevEnv)
// Replace `` with your private key
ctx = context.WithValue(ctx, coboWaas2.ContextPortalSigner, crypto.Ed25519Signer{
Secret: "",
})
resp, r, err := apiClient.OAuthAPI.GetToken(ctx).
ClientId(clientId).
OrgId(orgId).
GrantType(grantType).
Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `OAuthAPI.GetToken``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
// response from `GetToken`: GetToken2XXResponse
fmt.Fprintf(os.Stdout, "Response from `OAuthAPI.GetToken`: %v\n", resp)
}
```
```javascript JavaScript theme={null}
const CoboWaas2 = require("@cobo/cobo-waas2");
// Initialize the API client
const apiClient = CoboWaas2.ApiClient.instance;
// Select the development environment. To use the production environment, replace `Env.DEV` with `Env.PROD`
apiClient.setEnv(CoboWaas2.Env.DEV);
// Replace `` with your private key
apiClient.setPrivateKey("");
// Call the API
const apiInstance = new CoboWaas2.OAuthApi();
const client_id = "pvSwS8iFrfK0oZrB0ugG54XPDOLEv0Ij";
const org_id = "e3986401-4aec-480a-973d-e775a4518413";
const grant_type = "org_implicit";
apiInstance.getToken(client_id, org_id, grant_type).then(
(data) => {
console.log("API called successfully. Returned data: " + data);
},
(error) => {
console.error(error);
},
);
```
## OpenAPI
````yaml get /oauth/token
openapi: 3.0.3
info:
title: Cobo Wallet as a Service 2.0
description: >
The Cobo Wallet-as-a-Service (WaaS) 2.0 API is the latest version of Cobo's
WaaS API offering. It enables you to access Cobo's full suite of crypto
wallet technologies with powerful and flexible access controls. By
encapsulating complex security protocols and streamlining blockchain
interactions, this API allows you to concentrate on your core business
activities without worrying about the safety of your assets. The WaaS 2.0
API presents the following key features:
- A unified API for Cobo's [all four wallet
types](https://manuals.cobo.com/en/portal/introduction#an-all-in-one-wallet-platform)
- Support for 80+ chains and 3000+ tokens
- A comprehensive selection of webhook events
- Flexible usage models for MPC Wallets, including [Organization-Controlled
Wallets](https://manuals.cobo.com/en/portal/mpc-wallets/ocw/introduction)
and [User-Controlled
Wallets](https://manuals.cobo.com/en/portal/mpc-wallets/ucw/introduction)
- Programmatic control of smart contract wallets such as Safe{Wallet} with
fine-grained access controls
- Seamlessly transfer funds across multiple exchanges, including Binance,
OKX, Bybit, Deribit, and more
For more information about the WaaS 2.0 API, see [Introduction to WaaS
2.0](https://www.cobo.com/developers/v2/guides/overview/introduction).
termsOfService: https://cobo.com/waas/tos/
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0.html
contact:
name: Cobo WaaS
url: https://www.cobo.com/waas
email: help@cobo.com
version: 1.0.0
servers:
- url: https://api.dev.cobo.com/v2
description: Development environment
- url: https://api.cobo.com/v2
description: Production environment
security:
- CoboAuth: []
tags:
- name: Organizations
description: Operations related to Organizations.
- name: Wallets
description: Operations related to all wallets.
- name: Wallets - MPC Wallets
description: Operations related to mpc wallet.
- name: Wallets - Exchange Wallet
description: Operations related to exchange wallet.
- name: Wallets - Smart Contract Wallets
description: Operations related to smart contract wallet.
- name: Transactions
description: Operations related to all transactions.
- name: Developers - Webhooks
description: Operations related to webhooks.
- name: Stakings
description: Operations related to staking.
- name: OAuth
description: Operations related to OAuth.
- name: Developers
description: Operations related to developers.
- name: AddressBooks
description: Operations related to address books.
- name: TravelRule
description: Operations related to travel rule.
- name: GraphQL
description: Operations related to executing GraphQL queries and mutations.
- name: PrimeBroker
description: Operations related to prime broker.
- name: AppWorkflows
description: Operations related to app workflow.
- name: FeeStation
description: Operations related to fee station.
- name: Payment
description: Operations related to payment.
- name: Batch Payouts
description: Operations related to batch payouts.
- name: Tokenization
description: Operations related to tokenization.
- name: AutoSweep
description: Operations related to auto sweep.
- name: Compliance
description: Operations related to compliance.
paths:
/oauth/token:
get:
tags:
- OAuth
summary: Get Org Access Token
description: >
This operation is only applicable to Cobo Portal App developers.
To call this operation, you need to use the Cobo OAuth authentication
method that requires an app key.
This operation allows Cobo Portal Apps to get an Org Access Token and a
Refresh Token with a specified client ID, organization ID, and grant
type.
Access tokens allow the app to signal to the WaaS service that it has
received permission to access specific resources of the app user's
[organization](https://manuals.cobo.com/en/portal/organization/introduction).
Once the app has been granted permission by the organization's admin, it
can use this operation to obtain both an Org Access Token and a Refresh
Token.
For security purposes, Org Access Tokens expire after a certain period.
Once they expire, the app needs to call [Refresh
token](https://www.cobo.com/developers/v2/api-references/oauth/refresh-org-access-token)
to get a new Org Access Token and a new Refresh Token.
operationId: get_token
parameters:
- $ref: '#/components/parameters/ClientIdRequiredParam'
- $ref: '#/components/parameters/OrgIdRequiredParam'
- $ref: '#/components/parameters/GrantTypeRequiredParam'
responses:
2XX:
$ref: '#/components/responses/getTokenResponse'
4XX:
$ref: '#/components/responses/oauthErrorResponse'
5XX:
$ref: '#/components/responses/internalServerError'
components:
parameters:
ClientIdRequiredParam:
name: client_id
in: query
required: true
description: >-
The client ID, a unique identifier to distinguish Cobo Portal Apps. You
can get the client ID by retrieving the manifest file after publishing
the app.
schema:
type: string
example: pvSwS8iFrfK0oZrB0ugG54XPDOLEv0Ij
OrgIdRequiredParam:
name: org_id
in: query
required: true
description: >-
Organization ID, a unique identifier to distinguish different
organizations. You can get the organization ID from the callback message
sent to the URL that was configured in the manifest file.
schema:
type: string
example: e3986401-4aec-480a-973d-e775a4518413
GrantTypeRequiredParam:
name: grant_type
in: query
required: true
description: The OAuth grant type. Set the value as `org_implicit`.
schema:
type: string
example: org_implicit
responses:
getTokenResponse:
description: The request was successful.
content:
application/json:
schema:
type: object
properties:
access_token:
type: string
description: The Org Access Token.
example: >-
AnCEPEp5Q8qjAOA1Lb6kVd2OlkCyJnMTeMPdLbPOM8cz176Eb5y7EJoUjJJ0vkzz
token_type:
type: string
description: The type of the tokens, which is Bearer.
example: Bearer
scope:
type: string
description: >
The scope of the Org Access Token to limit the app's access to
the organization's resources.
**Note**: Currently this property value is empty. The scope of
the Org Access Token is based on the permissions granted when
the app user installs the app.
example: ''
expires_in:
type: integer
description: The time in seconds in which the Org Access Token expires.
example: 43199
refresh_token:
type: string
description: >-
The Refresh Token, used to obtain a new Org Access Token when
the current Org Access Token expires. The expiration time for
Refresh Tokens is currently set to 30 days and is subject to
change.
example: >-
rK49jI0zt49gsttzscscik15Asmlpu1TdcxqguJJS8B9f6ilJEC0y3PbVqwsEAw5
oauthErrorResponse:
description: Unauthorized. Please provide valid credentials.
content:
application/json:
schema:
type: object
description: The response of a failed request.
required:
- error
- error_description
properties:
error:
type: string
description: The error name.
error_description:
type: string
description: The error description.
internalServerError:
description: Internal server error.
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
schemas:
ErrorResponse:
type: object
description: The response of a failed request.
required:
- error_code
- error_message
- error_id
properties:
error_code:
type: integer
description: >-
The error code. Refer to [Error codes and status
codes](https://www.cobo.com/developers/v2/api-references/error-codes)
for more details.
error_message:
type: string
description: The error description.
error_id:
type: string
description: >-
The error log ID. You can provide the error ID when submitting a
ticket to help Cobo to locate the issue.
example: 0b6ddf19083c4bd1a9ca01bec44b24dd
securitySchemes:
CoboAuth:
type: apiKey
in: header
name: BIZ-API-KEY
description: >
The API key. For more details, refer to [API
key](https://www.cobo.com/developers/v2/guides/overview/cobo-auth#api-key).
In the API playground, enter your [API
secret](https://www.cobo.com/developers/v2/guides/overview/cobo-auth#api-secret),
and your API key will be accordingly calculated.
````