Creates a short-lived (1 hour) access token for use with the API. BitGo doesn't recommend using this endpoint for scripting. Instead, use the SDK or the web UI to create long-lived access tokens. However, short-lived access tokens are the only access tokens with the "user_manage" scope that enables you to programmatically add users to your enterprise using the Add User to Enterprise endpoint.

Request Body

email string <email>required
Example: user@example.com
otp string
Second factor authentication token
Example: 123456
password string required
Example: secret
1 2 3 4 5 bitgo.authenticate({ username: user, password: password, otp: '0000000' }).then(function (response) { var token = response.token; var user = response.user; // etc });

200 Response

access_token string required
Example: 9b72c68ef394f5146f0f3efc1feafb7a971752cb00e79fafcfd8c1d2db83639c
expires_at integer required
Unix timestamp
Example: 1534201288
scope array[string] required
Example: ["crypto_compare","user_manage","openid","profile","wallet_create","wallet_manage_all","wallet_approve_all","wallet_spend_all","wallet_edit_all","wallet_view_all"]
user object required
id string
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
isActive boolean
isFrozen boolean
freezeReason string
Example: Frozen due to suspicious activity
name object
username string <email>
Example: user@example.com
email object
phone object
country string
Example: USA
state string
Example: New York

401 Response

error string required
Human-readable error message
requestId string required
Client request id
context object
Properties that apply to a specific error name
name string required
Error code