curl --request POST \
--url https://api.neus.network/api/v1/auth/mcp/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'code=<string>' \
--data 'redirect_uri=<string>' \
--data 'client_id=<string>' \
--data 'code_verifier=<string>' \
--data 'resource=<string>' \
--data 'refresh_token=<string>' \
--data 'scope=<string>'{
"access_token": "<string>",
"expires_in": 123,
"scope": "<string>",
"refresh_token": "<string>",
"expires_at": 123
}OAuth 2.0 Token Endpoint
Exchanges an authorization code for an MCP access token (authorization_code grant), or refreshes an existing token (refresh_token grant). Requires PKCE code_verifier for authorization_code exchanges. The access token is a JWT with audience https://mcp.neus.network/mcp and token_use=mcp_access. Refresh tokens are rotated on each use.
curl --request POST \
--url https://api.neus.network/api/v1/auth/mcp/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'code=<string>' \
--data 'redirect_uri=<string>' \
--data 'client_id=<string>' \
--data 'code_verifier=<string>' \
--data 'resource=<string>' \
--data 'refresh_token=<string>' \
--data 'scope=<string>'{
"access_token": "<string>",
"expires_in": 123,
"scope": "<string>",
"refresh_token": "<string>",
"expires_at": 123
}Documentation Index
Fetch the complete documentation index at: https://docs.neus.network/llms.txt
Use this file to discover all available pages before exploring further.
Body
Token endpoint request body (application/x-www-form-urlencoded). Supports authorization_code and refresh_token grant types.
OAuth 2.0 grant type.
authorization_code, refresh_token Authorization code (required for authorization_code grant).
Must exactly match the redirect_uri from the authorization request (required for authorization_code grant).
OAuth client identifier (required).
PKCE code verifier (required for authorization_code grant).
Resource indicator. Must be https://mcp.neus.network/mcp.
Refresh token (required for refresh_token grant).
Requested scope (space-separated). Must not exceed scope of the original authorization.
Response
Token response
Standard OAuth 2.0 token response. The access_token is a JWT with audience https://mcp.neus.network/mcp.
JWT access token with aud=https://mcp.neus.network/mcp.
Bearer Token lifetime in seconds.
Granted scope (space-separated).
Opaque or JWT refresh token. Rotated on each use. Included when offline_access scope was granted.
Convenience: absolute expiration timestamp (Unix ms).