2 min read
Definition
An access token is a signed, time-limited credential — a JWT — that proves your right to call the partner ring. It carries the granted scopes and an expiry, and is verifiable against the JWKS.
In plain terms
The temporary pass your server shows on every authenticated call.
Why it matters here
Cache it and reuse it until just before expiry rather than minting per request. See the token lifecycle.
Related reading

Client-credentials grant
The client-credentials grant is the OAuth 2.0 machine-to-machine flow: a server exchanges a client ID and…
Read →
Scope
A scope is a named capability on an OAuth token — like applications:write — that bounds what the token can…
Read →
JWKS (JSON Web Key Set)
A JWKS is the published set of public keys that sign partner access tokens. Fetch it, cache by key ID, and…
Read →Funding for UK limited companies
Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.