URL

Prod

Audience : https://ibexhub.ibexmercado.com

OAUTH2_DOMAIN : https://auth.hub.poweredbyibex.io

Sandbox

Audience : https://api-sandbox.poweredbyibex.io

OAUTH2_DOMAIN : https://auth.hub.sandbox.poweredbyibex.io

Making the Token Request

Your service client must send an HTTP POST request to the Auth0 token endpoint with the following specifications:

Parameter	Value	Description
Method	`POST`	HTTP method for the request
URL	`<OAUTH2_DOMAIN>/oauth/token`	Replace `AUTH0_DOMAIN` with your actual Auth0 domain see above
Content-Type	`application/x-www-form-urlencoded`	Standard encoding for form data

Request Parameters

Include these parameters in the request body:

Parameter	Required	Description
`grant_type`	Yes	Must be set to `client_credentials`
`client_id`	Yes	Your application's client identifier
`client_secret`	Yes	Your application's client secret
`audience`	Yes	The unique identifier of the target API. See above audiences

Best Practices

Store client credentials securely using environment variables or secret management systems. Always use HTTPS for token requests. Implement proper token caching and renewal strategies. Monitor token expiration times to avoid service interruptions.

Common Issues

Invalid credentials: Double-check your client ID and secret. Wrong audience: Verify the API identifier matches your configuration. Scope issues: Ensure requested scopes are allowed for your client. Rate limiting: Implement appropriate retry logic with exponential backoff.