With service accounts, you are enabled to use the OAuth2 Client Credentials Flow for accessing Talend Cloud APIs. This service account specific token is more secure than the personal access tokens typically used by a user.
It is recommended to use service accounts along with their access tokens to issue API calls, when a specific user does not need to be involved in these calls.

Media type



Global security

These security schemes apply to the entire API

Security scheme

This scheme can be referenced across the API

Basic authentication
Name Description
Name Description Type Attributes and examples
Authorization Base64 encoding of a client_id:client_secret pair. For example, if the service account uses “Aladdin” as the client id and “open_sesame” as the secret, then the header’s value is the Base64 encoding of “Aladdin:open_sesame”, or “QWxhZGRpbjpvcGVuIHNlc2FtZQ==”. string Required

Get JWT token

POST /security/oauth/token
Use the service account credentials to get an OAuth2 JWT access token through the Client Credentials Grant flow.
Required permission to use this endpoint: Service Account - Manage. The ID of this permission is TMC_SERVICE_ACCOUNT_MANAGEMENT.


Query parameters
Name Description Type Attributes and examples
talendVersion API version string Optional
Name Description Type Attributes and examples
talend-version API version string Optional


200Status 200
Token is generated successfully
401Status 401
The ClientId or Secret is missing or invalid
403Status 403
The account provided does not have the required permissions
500Status 500
500 - Internal Server Error


A token request is an object used to obtain an access token through the OAuth 2 Client Credentials Grant flow.
Name Description Type Attributes and examples
grant_type The OAuth 2 flow that must be used to obtain an access token. The value must be set to “client_credentials”. string Required
audience The unique identifier of the target API to access string Required


Access token is returned in this response.
Name Description Type Attributes and examples
access_token The access token obtained in JWT format. string Required
token_type The type of the token issued as described in the OAuth 2 specification. The value is usually “Bearer”. string Required
expires_in The lifetime in seconds of the access token. For example, the value 3600 denotes that the access token expires at the end of one hour from the time the response is generated. string Optional
back to top