# Auth

## Issue access token

`auth.issue_access_token(**kwargs) -> AuthIssueAccessTokenResponse`

**post** `/v1/auth/access-tokens`

Issues a short-lived access token from the authenticated API key. Access tokens can optionally be bound to a specific employer or employee for scoped access. Tokens expire after 15 minutes.

### Parameters

- `grant_type: :client_credentials`

  * `client_credentials` - client_credentials

  - `:client_credentials`

- `bound_entity: { id, type}`

  Optional entity to bind the token to for scoped access

  - `id: String`

    Prefixed entity ID to bind the token to (empr_* for employer, empl_* for employee)

  - `type: Type`

    * `employer` - employer
    * `employee` - employee

    - `:employer`

    - `:employee`

### Returns

- `class AuthIssueAccessTokenResponse`

  - `access_token: String`

    The issued access token (vit_at_*)

  - `expires_in: Integer`

    Token lifetime in seconds

  - `token_type: String`

    Token type, always 'Bearer'

  - `bound_entity: { id, type}`

    Entity the token is bound to, if any

    - `id: String`

      Prefixed entity ID the token is bound to (empr_* or empl_*)

    - `type: Type`

      * `employer` - employer
      * `employee` - employee

      - `:employer`

      - `:employee`

### Example

```ruby
require "vitable_connect"

vitable_connect = VitableConnect::Client.new(
  api_key: "My API Key",
  environment: "environment_1" # defaults to "production"
)

response = vitable_connect.auth.issue_access_token(grant_type: :client_credentials)

puts(response)
```

#### Response

```json
{
  "access_token": "vit_at_abc123def456...",
  "token_type": "Bearer",
  "expires_in": 910,
  "bound_entity": {
    "id": "empr_SGVsbG8gV29ybGQ",
    "type": "employer"
  }
}
```

## Domain Types

### Type

- `Type = :employer | :employee`

  * `employer` - employer
  * `employee` - employee

  - `:employer`

  - `:employee`