Creates a short-lived (1 hour) access token for use with the API. The token must be specified to subsequent API calls via the "Authorization" HTTP header: """text Authorization: Bearer 9b72c68ef394f5146f0f3efc1feafb7a971752cb00e79fafcfd8c1d2db83639c """ We don't recommend using this endpoint for scripting. The preferred approach is to create a long-lived token in the web UI (see the Developer Options section in User Settings).

Request Body

email string <email>required
Example: user@example.com
otp string
Second factor authentication token
Example: 123456
password string required
Example: secret
1 2 3 4 5 bitgo.authenticate({ username: user, password: password, otp: '0000000' }).then(function (response) { var token = response.token; var user = response.user; // etc });

200 Response

access_token string required
Example: 9b72c68ef394f5146f0f3efc1feafb7a971752cb00e79fafcfd8c1d2db83639c
expires_at integer required
Unix timestamp
Example: 1534201288
scope array[string] required
Example: ["crypto_compare","user_manage","openid","profile","wallet_create","wallet_manage_all","wallet_approve_all","wallet_spend_all","wallet_edit_all","wallet_view_all"]
user object required
id string
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
isActive boolean
name object
email object
phone object
country string
Example: USA
state string
Example: New York

401 Response

error string required
Human-readable error message
requestId string required
Client request id
context object
Properties that apply to a specific error name
name string required
Error code