For the complete documentation index, see llms.txt.

POST /oauth/token

Token Endpoint (OAuth 2.1)

Exchanges an authorization code (with PKCE `code_verifier`) for an access + refresh token pair, or rotates a refresh token. Accepts `application/x-www-form-urlencoded` per the OAuth spec. Access tokens are opaque (`vennio_at_...`, 1-hour TTL); refresh tokens (`vennio_rt_...`, 30-day TTL) are single-use and rotated on redemption.

Auth required: No

Request Body

Responses

Authentication

This endpoint does not require authentication.

Base URL: https://api.vennio.app