> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mobway.cloud/llms.txt
> Use this file to discover all available pages before exploring further.

# OAuth2 Authentication

mobway uses the OAuth2 standard for authentication, providing greater security and alignment with modern authentication standards. Each company has unique credentials composed of a **client\_id** and a **client\_secret**, which must be used to generate the access token through the [/token](/en/api-reference/endpoint/token) route.

## How to obtain access credentials

To obtain your **client\_id** and **client\_secret**, contact mobway by email at [info@mobway.cloud](mailto:info@mobway.cloud).

## How to use access credentials

In the [/token](/en/api-reference/endpoint/token) route, send the credentials in the request body as a form using the following fields:

```bash theme={null}
POST /token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

username=<client_id>&password=<client_secret>
```

### Request Example

```bash theme={null}
curl -X POST https://api.mobway.cloud/token \
-H "accept: application/json" \
-d "username=<client_id>&password=<client_secret>"
```

The response will return a JWT token with information about the company and the token expiration time. This token must be used in subsequent requests for authentication.

<Warning>The credentials (client\_id and client\_secret) are unique per company and must not be shared!</Warning>

## What to do if you have an issue with your credentials

If you have any issue with your credentials, contact mobway by email at [support@mobway.cloud](mailto:support@mobway.cloud).

The **client\_id** and **client\_secret** must be stored securely and must not be shared with third parties. Do not store these credentials in public repositories or directly in your source code.

If you suspect that your credentials have been compromised, contact mobway so the credentials can be disabled and reissued.