BEARER TOKEN LIFESPAN
The lifespan of a Bearer token is one hour (3600 seconds) for both sandbox and production environments.
We recommend automating transactions to use the tokens generated over the token lifespan. Obtaining tokens for each transaction is less efficient and does not improve the security criteria for any transactions.
Bearer Token Request Format
curl -X POST \
'**https://sandbox-apigw.optum.com/apip/auth/v2/token/**' \
-H 'Content-Type: application/json' \
-d '{
"client_id": "<Your-ClientId>",
"client_secret": "<Your-ClientSecret>",
"grant_type": "client_credentials"
}'
Bearer Token Request Format Example
curl -X POST \
https://sandbox-apigw.optum.com/apip/auth/v2/token \\
-H 'Content-Type: application/x-www-form-urlencoded' \\
-d 'client_id=hghjhgjtgjtgjhhhjasdfhghjhgj\&client_secret=asdfdfjsdhfjhsdhf\&grant_type=client_credentials'
When you use an API client, such as a Postman tool, the JSON body for the request must appear as follows:
Bearer Token Request Example
{
"client_id": "hghjhgjtgjtgjhhhjasdfhghjhgj",
"client_secret": "asdfdfjsdhfjhsdhf",
"grant_type": "client_credentials"
}
To test API in your sandbox, use your client_id and client_secret to get your token. If you do not have your credentials, reach out to your account manager or contact Optum.
Bearer Token Response Example
{
"access_token":
"eyJraWQiOiIxIiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJhY2Nlc3NfdG9rZW4iOiJkc1JvRTMzSFYzbnpkYjh3ak1hWWtFUmY4VVF5IiwiYXVkIjoiYXBpUGxhdGZvcm0iLCJuYmYiOjE2MTA0OTMxMTAsImFwaV9wcm9kdWN0X2xpc3QiOlsiTU5fUHJvZHVjdF9DbGFpbVN0YXR1c192MiIsIk1OX1Byb2R1Y3RfRWxpZ2liaWxpdHlfdjMiLCJNTl9Qcm9kdWN0X1Byb2Zlc3Npb25hbENsYWltc192MyIsIlRQX1Byb2R1Y3RfVHJhZGluZ1BhcnRuZXJzX3Y3IiwiTU5fUHJvZHVjdF9SZXBvcnRzX3YxIiwiTU5fUHJvZHVjdF9BdHRhY2htZW50c192MSIsIk1OX1Byb2R1Y3RfSW5zdGl0dXRpb25hbENsYWltc192MSIsIk1OX1Byb2R1Y3RfUERfQ2xhaW1zU3RhdHVzX3YxIiwiTU5fUHJvZHVjdF9QRF9DbGFpbXNfdjEiLCJNTl9Qcm9kdWN0X1BEX0VsaWdpYmlsaXR5X3YxIiwiVFBfUHJvZHVjdF9UcmFkaW5nUGFydG5lciJdLCJhcHBsaWNhdGlvbl9uYW1lIjoiSU5fQVBJUF9NTl9DSENfVGVzdEFwcCIsImRldmVsb3Blcl9lbWFpbCI6ImNkcHRlYW1AY2hhbmdlaGVhbHRoY2FyZS5jb20iLCJpc3MiOiJodHRwczovL3NhbmRib3guYXBpcy5jaGFuZ2VoZWFsdGhjYXJlLmNvbSIsImV4cCI6MTYxMDQ5NjcxMCwiaWF0IjoxNjEwNDkzMTEwLCJqdGkiOiJjNjQ4ODBjMC1hZDFhLTQ1NzEtOGJjYi02YmI2NGQ1YWRlYTgifQ.t8YPbCuyn_CNXmMIwlIL0y14j-RqO1VsHSkahtXZrf5uURZ0grU_oDepwNeRKf2Sr8norTSEsKvjPSFHaKxb_U7yQ2g9UnyH5PA1X63-Lj5v8h38BdUk19p2GQBJSzmGPEyazvYoCCxSGZ68RN9kZb_WrQWObsrMyb1JFN_zeWa2j3YGgbBglZNO_Wt1Ty6ZQrDWcxeVMlbIRMDAKYBUrmmTTsIpHrol-5YzyYgZVBpO-Hxz_otD4t-_DRx5_cxLl4tG1qi7i2Ddb65eO3XxQU-Ibzb9bAT4HXIR3Ab735cTJMBlK9jCfDc0DDCBkpGAHwJV5rj0zOEitC1xciLt3g",
"token_type": "bearer",
"expires_in": 3600
}
When you are ready to move from sandbox to production environment, replace the sandbox authorization URL with the following production URL:
<https://apigw.optum.com/apip/auth/v2/token>You are now ready to use the bearer token to access the API that you have been authorized to try.