> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://docs.pay4power.com/llms.txt.
> For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://docs.pay4power.com/_mcp/server.

# Get Access Token

> Exchange your API credentials for a bearer token before calling protected Pay4Power endpoints.

Pay4Power uses bearer-token authentication for protected B2B API calls. Start every integration by exchanging your client credentials for an access token, then include that token in the `Authorization` header for subsequent requests.

## Token endpoint

```http
POST /auth/token
```

## Request credentials

| Field          | Description                           |
| -------------- | ------------------------------------- |
| `clientId`     | Your Pay4Power API client identifier. |
| `clientSecret` | Your Pay4Power API client secret.     |

Keep credentials server-side. Do not ship them in mobile apps, browser code, or public repositories.

## Example request

```bash
curl --request POST "https://p4p-core-bill-payments-service.dev.payinvert.com/api/v2.1/b2b/auth/token" \
  --header "Content-Type: application/json" \
  --data '{
    "clientId": "YOUR_CLIENT_ID",
    "clientSecret": "YOUR_CLIENT_SECRET"
  }'
```

## Use the token

```http
Authorization: Bearer <access_token>
```

After you receive the token, call the services and providers endpoints to discover the bill-payment products available to your account.

## Operational notes

* Request a fresh token before the current token expires.
* Store tokens only in secure backend memory or a protected secret store.
* Treat authentication failures as non-retryable until credentials or access permissions are corrected.