# Access Token API ## Create/Refresh a merchant session `POST` `/api/merchant/:merchantId/sessions` Creates a new merchant session **Headers**

Name	Value
Content-Type	`application/json`
Authorization	`Basic <API KEY>`

**Request**

Property Type Description

access_token string Optional: If provided, invalidates existing token and provides a new one

expires_in int Optional: the value in seconds for the token expiration. default is 900 (15 min)

scope

string

Property	Type	Description
access_token	string	Optional: If provided, invalidates existing token and provides a new one
expires_in	int	Optional: the value in seconds for the token expiration. default is 900 (15 min)
scope	string	Optional: `readonly` \| `default` Setting scope to `readonly` restricts actions like hiding the Refund button in the transaction widget. Note: if not provided, `default` will be applied.

Optional: readonly | default

Setting scope to readonly restricts actions like hiding the Refund button in the transaction widget.

Note: if not provided, default will be applied.

**Response** {% tabs %} {% tab title="200" %} ```json { access_token: "", expires_in: "", scope: "default", type: "Session" } ``` {% endtab %} {% tab title="401" %} ```json { "error": true, "message": "Unauthenticated" } ``` {% endtab %} {% tab title="422" %} ```json { "success": false, "message": "Failed to validate", "errors": [ { "field": "expires_in", "message": "expires_in must not be less than 60" } ] } ``` {% endtab %} {% endtabs %} ## Delete a merchant session `DELETE` `/api/merchant/:merchantId/sessions/:accessToken` Deletes a merchant session **Headers** | Name | Value | | ------------- | ------------------ | | Content-Type | `application/json` | | Authorization | `Basic ` | **Response** {% tabs %} {% tab title="204" %} ```json no reponse body expected ``` {% endtab %} {% endtabs %}