> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://help.sigmacomputing.com/llms.txt.
> For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://help.sigmacomputing.com/_mcp/server.

# Get access token

POST https://api.sigmacomputing.com/v2/auth/token
Content-Type: application/x-www-form-urlencoded

Use your Sigma client ID and secret with this endpoint to generate an access token valid for one hour, or to refresh your token. You can then use the access token to authenticate requests made to the Sigma API.

To make any API call with the Sigma API, including calls from the API documentation, you must have a valid bearer token. To generate a token, you must have a valid **Client ID** and **Secret**. See [Generate Sigma API client credentials](generate-client-credentials).

You make all API calls to a specific URL that corresponds to the cloud where your Sigma environment is hosted. Set the **Base URL** to the relevant URL for your environment. For details, see [Identify your API request URL](get-started-sigma-api#identify-your-api-request-url).

Generate a token by sending a POST request to this `/v2/auth/token` endpoint, or use the **Try It!** option on this page.

### Usage notes

- The API token is valid for 1 hour. When the token expires, an endpoint response returns an unauthorized error.
- Refresh your access token before it expires using the `refresh_token` option.
- If your client credentials are owned by a user assigned the Admin account type, you can generate an access token as a specific user using impersonation.
  

Reference: https://help.sigmacomputing.com/reference/post-token

## OpenAPI Specification

```yaml
openapi: 3.1.0
info:
  title: sigma-rest-api
  version: 1.0.0
paths:
  /v2/auth/token:
    post:
      operationId: postToken
      summary: Get access token
      description: >-
        Use your Sigma client ID and secret with this endpoint to generate an
        access token valid for one hour, or to refresh your token. You can then
        use the access token to authenticate requests made to the Sigma API.


        To make any API call with the Sigma API, including calls from the API
        documentation, you must have a valid bearer token. To generate a token,
        you must have a valid **Client ID** and **Secret**. See [Generate Sigma
        API client credentials](generate-client-credentials).


        You make all API calls to a specific URL that corresponds to the cloud
        where your Sigma environment is hosted. Set the **Base URL** to the
        relevant URL for your environment. For details, see [Identify your API
        request URL](get-started-sigma-api#identify-your-api-request-url).


        Generate a token by sending a POST request to this `/v2/auth/token`
        endpoint, or use the **Try It!** option on this page.


        ### Usage notes


        - The API token is valid for 1 hour. When the token expires, an endpoint
        response returns an unauthorized error.

        - Refresh your access token before it expires using the `refresh_token`
        option.

        - If your client credentials are owned by a user assigned the Admin
        account type, you can generate an access token as a specific user using
        impersonation.
          
      tags:
        - Auth
      parameters:
        - name: Authorization
          in: header
          description: OAuth authentication
          required: true
          schema:
            type: string
      responses:
        '200':
          description: The response body.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/auth_postToken_Response_200'
      requestBody:
        description: The request body.
        content:
          application/json:
            schema:
              type: object
              properties:
                grant_type:
                  type: string
                  description: Set to `client_credentials` to retrieve an access token.
                client_id:
                  type: string
                  description: Your API client ID.
                client_secret:
                  type: string
                  description: Your API client secret.
              required:
                - grant_type
                - client_id
                - client_secret
servers:
  - url: https://api.sigmacomputing.com
    description: Server for GCP (US) hosted organizations
  - url: https://api.sa.gcp.sigmacomputing.com
    description: Server for GCP (KSA) hosted organizations
  - url: https://aws-api.sigmacomputing.com
    description: Server for AWS US (West) hosted organizations
  - url: https://api.us-a.aws.sigmacomputing.com
    description: Server for AWS US (East) hosted organizations
  - url: https://api.ca.aws.sigmacomputing.com
    description: Server for AWS Canada hosted organizations
  - url: https://api.eu.aws.sigmacomputing.com
    description: Server for AWS Europe hosted organizations
  - url: https://api.au.aws.sigmacomputing.com
    description: Server for AWS Australia and APAC hosted organizations
  - url: https://api.uk.aws.sigmacomputing.com
    description: Server for AWS UK hosted organizations
  - url: https://api.us.azure.sigmacomputing.com
    description: Server for Azure US hosted organizations
  - url: https://api.eu.azure.sigmacomputing.com
    description: Server for Azure Europe hosted organizations
  - url: https://api.ca.azure.sigmacomputing.com
    description: Server for Azure Canada hosted organizations
  - url: https://api.uk.azure.sigmacomputing.com
    description: Server for Azure United Kingdom hosted organizations
  - url: https://api.au.azure.sigmacomputing.com
    description: Server for Azure Australia hosted organizations
components:
  schemas:
    auth_postToken_Response_200:
      type: object
      properties:
        access_token:
          type: string
          description: Token used to access the API and make requests.
        refresh_token:
          type: string
          description: Refresh token used to refresh the access token.
        token_type:
          type: string
          description: The type of token issued.
        expires_in:
          type: integer
          description: The number of seconds until the access token expires.
      required:
        - access_token
        - token_type
        - expires_in
      title: auth_postToken_Response_200
  securitySchemes:
    OAuth:
      type: http
      scheme: bearer
      description: OAuth 2.0 authentication

```

## Examples



**Request**

```json
{
  "grant_type": "client_credentials",
  "client_id": "abc123xyz789",
  "client_secret": "s3cr3tK3y!@#"
}
```

**Response**

```json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "dGhpc0lzUmVmcmVzaFRva2VuMTIz"
}
```

**SDK Code**

```python
import requests

url = "https://api.sigmacomputing.com/v2/auth/token"

payload = ""
headers = {
    "Authorization": "<token>.",
    "Content-Type": "application/x-www-form-urlencoded"
}

response = requests.post(url, data=payload, headers=headers)

print(response.json())
```

```javascript
const url = 'https://api.sigmacomputing.com/v2/auth/token';
const options = {
  method: 'POST',
  headers: {Authorization: '<token>.', 'Content-Type': 'application/x-www-form-urlencoded'},
  body: new URLSearchParams('')
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}
```

```go
package main

import (
	"fmt"
	"net/http"
	"io"
)

func main() {

	url := "https://api.sigmacomputing.com/v2/auth/token"

	req, _ := http.NewRequest("POST", url, nil)

	req.Header.Add("Authorization", "<token>.")
	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
```

```ruby
require 'uri'
require 'net/http'

url = URI("https://api.sigmacomputing.com/v2/auth/token")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = '<token>.'
request["Content-Type"] = 'application/x-www-form-urlencoded'

response = http.request(request)
puts response.read_body
```

```java
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;

HttpResponse<String> response = Unirest.post("https://api.sigmacomputing.com/v2/auth/token")
  .header("Authorization", "<token>.")
  .header("Content-Type", "application/x-www-form-urlencoded")
  .asString();
```

```php
<?php
require_once('vendor/autoload.php');

$client = new \GuzzleHttp\Client();

$response = $client->request('POST', 'https://api.sigmacomputing.com/v2/auth/token', [
  'form_params' => null,
  'headers' => [
    'Authorization' => '<token>.',
    'Content-Type' => 'application/x-www-form-urlencoded',
  ],
]);

echo $response->getBody();
```

```csharp
using RestSharp;

var client = new RestClient("https://api.sigmacomputing.com/v2/auth/token");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "<token>.");
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
IRestResponse response = client.Execute(request);
```

```swift
import Foundation

let headers = [
  "Authorization": "<token>.",
  "Content-Type": "application/x-www-form-urlencoded"
]

let request = NSMutableURLRequest(url: NSURL(string: "https://api.sigmacomputing.com/v2/auth/token")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error as Any)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
```