Generate a payment access token

Create an access token to use to authenticate payments requests.

Before you can create any payments, you need to authenticate your requests and receive an access token.

Unlike with our Data API, this grant doesn’t represent a user, but an individual instance of a client creating a payment.

Generate a token

Option 3 in our API reference for the /token endpoint provides more details about what information to include in your request.

To generate an access token, make a POST request to the /token endpoint with your client_id, client_secret and your required scopes.

This is an example of a request to generate an access token:

curl -X POST \
    -d grant_type=client_credentials \
    -d client_id=${client_id} \
    -d client_secret=${client_secret} \
    -d scope=payments \

If your request is successful, you receive a response like this:

  "access_token": "JWT-ACCESS-TOKEN-HERE",
  "expires_in": 3600,
  "token_type": "Bearer",
  "scope": "payments"

When you generate an access token, you should also consider which scopes you need.

Specify scopes

When you make a request to generate an access token, you include a space-separated list of the functionalities it should support as part of the scope object.

This table explains the scopes you can include when you generate an access token.

Scope nameDescription
paymentsRequired to make single payments.

Include the payments scope when you create a VRP mandate, to ensure payments can be made on the mandate later.
trackingUsed to track events in the user authorisation journey. Must be enabled for your client by TrueLayer.
recurring_payments:sweepingRequired for sweeping VRP mandates.
recurring_payments:commercialRequired for commercial VRP mandates.
signupplusRequired to collect user details through a payment using the Signup+ API.


For more information on our legacy scopes, payouts and paydirect, see the Legacy API documentation.