beehiiv Developer Documentation

Exchanges an authorization code for an access token, or exchanges a refresh token for a new access token. Send parameters as application/x-www-form-urlencoded.

Request

This endpoint expects an object.

grant_typeenumRequired

authorization_code or refresh_token.

Allowed values:

codestringOptional

Authorization code returned from /oauth/authorize.

redirect_uristringOptional

Must match the redirect URI used in the authorization request.

client_idstringOptional

OAuth application client ID (uid).

client_secretstringOptional

Required for confidential clients.

refresh_tokenstringOptional

Refresh token returned from a previous token exchange.

code_verifierstringOptional

PKCE code verifier (required when a code challenge was sent).

Response

access_tokenstring

token_typeenum

The token type returned by OAuth2 token endpoints.

Allowed values:

expires_ininteger

created_atinteger

refresh_tokenstring or null

scopestring or null

1	import requests
2
3	url = "https://app.beehiiv.com/oauth/token"
4
5	payload = {
6	"grant_type": "authorization_code",
7	"code": "SplxlOBeZQQYbYS6WxSbIA",
8	"redirect_uri": "http://localhost:3008/callback",
9	"client_id": "WDgKDt_bHOXUfWRhGf2ovKZmFHQ9r_Erd01IPmz_boc",
10	"client_secret": "your-client-secret"
11	}
12	headers = {"Content-Type": "application/json"}
13
14	response = requests.post(url, json=payload, headers=headers)
15
16	print(response.json())

1	{
2	"access_token": "2YotnFZFEjr1zCsicMWpAA",
3	"token_type": "Bearer",
4	"expires_in": 7200,
5	"created_at": 1739980800,
6	"refresh_token": "tGzv3JOkF0XG5Qx2TlKWIA",
7	"scope": "posts:read"
8	}

Create token

Request

Response

Errors