---
title: "Step 1: Get a new PingOne access token"
description: Because the access token you used for the workflow to create a test environment may have expired (a 1 hour expiry), you'll again call the POST {{authPath}}/{{adminEnvID}}/as/token request to obtain a new access token. This request uses Basic authorization to get an access token having an authorization code grant type.
component: pingone-api
page_id: pingone-api:getting-started:simple-sso-workflow/step-1-get-new-access-token
canonical_url: https://developer.pingidentity.com/pingone-api/getting-started/simple-sso-workflow/step-1-get-new-access-token.html
section_ids:
  troubleshooting: Troubleshooting
  headers: Headers
  body: Body
  example-request: Example Request
  example-response: Example Response
---

# Step 1: Get a new PingOne access token

##

```none
POST {{authPath}}/{{adminEnvID}}/as/token
```

Because the access token you used for the workflow to create a test environment may have expired (a 1 hour expiry), you'll again call the `POST {{authPath}}/{{adminEnvID}}/as/token` request to obtain a new access token. This request uses Basic authorization to get an access token having an `authorization code` grant type.

In this request:

* `{{authPath}}` is the geographic domain to use for authentication and authorization for your PingOne environment. The PingOne top-level domain is `https://auth.pingone.com/` for the U.S. Refer to [PingOne API domains](../../before-you-begin/introduction.html#pingone-api-domains) for the top-level domains for other regions.

* `{{adminEnvID}}` is the environment that contains the admin Worker application you created using the PingOne admin console in the prior workflow to [Create an admin Worker app connection](../create-an-admin-worker-app/step-3-assign-roles.html).

If you're using Postman, set these variables in the Authorization tab. If you're not using Postman, these are header variables:

* `{{adminAppID}}` is your Worker application's **Client ID** that you obtained from the PingOne admin console when you created the Worker app.

* `{{adminAppSecret}}` is your Worker application's **Client Secret** that you obtained from the PingOne admin console when you created the Worker app.

![Dev Guide Postman Environment](../../_images/p1_PostmanDevEnv1.png)

When successful, the response returns a `Status: 200 OK` message, and an access token is returned.

### Troubleshooting

* Verify that `{{adminEnvID}}` is the ID for your initial PingOne environment (automatically created for your account), used when you created the admin Worker app connection.

* Verify that `{{authPath}}` is correct for your geographic domain .

* If you're using Postman, verify the URL against the `{{adminAppID}}` and `{{adminAppSecret}}` values shown in Postman's Auth tab to ensure the correct values have been added to your Postman environment. In Postman, unassigned variables are shown in red, and assigned variables in blue.

### Headers

Authorization

Content-Type      application/x-www-form-urlencoded

### Body

urlencoded ( application/x-www-form-urlencoded )

| Key         | Value               |
| ----------- | ------------------- |
| grant\_type | client\_credentials |

##

### Example Request

* cURL

* C#

* Go

* HTTP

* Java

* jQuery

* NodeJS

* Python

* PHP

* Ruby

* Swift

```shell
curl --location --globoff '{{authPath}}/{{adminEnvID}}/as/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19' \
--data-urlencode 'grant_type=client_credentials'
```

```csharp
var options = new RestClientOptions("{{authPath}}/{{adminEnvID}}/as/token")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddHeader("Authorization", "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19");
request.AddParameter("grant_type", "client_credentials");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
```

```golang
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{authPath}}/{{adminEnvID}}/as/token"
  method := "POST"

  payload := strings.NewReader("grant_type=client_credentials")

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
  req.Header.Add("Authorization", "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
```

```http
POST /{{adminEnvID}}/as/token HTTP/1.1
Host: {{authPath}}
Content-Type: application/x-www-form-urlencoded
Authorization: Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19

grant_type=client_credentials
```

```java
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
RequestBody body = RequestBody.create(mediaType, "grant_type=client_credentials");
Request request = new Request.Builder()
  .url("{{authPath}}/{{adminEnvID}}/as/token")
  .method("POST", body)
  .addHeader("Content-Type", "application/x-www-form-urlencoded")
  .addHeader("Authorization", "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19")
  .build();
Response response = client.newCall(request).execute();
```

```javascript
var settings = {
  "url": "{{authPath}}/{{adminEnvID}}/as/token",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/x-www-form-urlencoded",
    "Authorization": "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19"
  },
  "data": {
    "grant_type": "client_credentials"
  }
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
```

```javascript
var request = require('request');
var options = {
  'method': 'POST',
  'url': '{{authPath}}/{{adminEnvID}}/as/token',
  'headers': {
    'Content-Type': 'application/x-www-form-urlencoded',
    'Authorization': 'Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19'
  },
  form: {
    'grant_type': 'client_credentials'
  }
};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
```

```python
import requests

url = "{{authPath}}/{{adminEnvID}}/as/token"

payload = 'grant_type=client_credentials'
headers = {
  'Content-Type': 'application/x-www-form-urlencoded',
  'Authorization': 'Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)
```

```php
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{authPath}}/{{adminEnvID}}/as/token');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/x-www-form-urlencoded',
  'Authorization' => 'Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19'
));
$request->addPostParameter(array(
  'grant_type' => 'client_credentials'
));
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
```

```ruby
require "uri"
require "net/http"

url = URI("{{authPath}}/{{adminEnvID}}/as/token")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/x-www-form-urlencoded"
request["Authorization"] = "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19"
request.body = "grant_type=client_credentials"

response = http.request(request)
puts response.read_body
```

```swift
let parameters = "grant_type=client_credentials"
let postData =  parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{authPath}}/{{adminEnvID}}/as/token")!,timeoutInterval: Double.infinity)
request.addValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type")
request.addValue("Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()
```

### Example Response

200 OK

```json
{
    "access_token": "eyJhbGciOi....",
    "token_type": "Bearer",
    "expires_in": 3600
}
```