{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/PostOAuth2Token",
  "title": "Token request",
  "type": "object",
  "description": "A request for a new OAuth 2.0 token",
  "required": [
    "grant_type"
  ],
  "properties": {
    "grant_type": {
      "type": "string",
      "format": "urn",
      "example": "authorization_code",
      "description": "The type of request being made, either using a client-side obtained\nauthorization code, a refresh token, a JWT assertion, client credentials\ngrant or another access token for the purpose of downscoping a token.",
      "enum": [
        "authorization_code",
        "refresh_token",
        "client_credentials",
        "urn:ietf:params:oauth:grant-type:jwt-bearer",
        "urn:ietf:params:oauth:grant-type:token-exchange"
      ]
    },
    "client_id": {
      "type": "string",
      "description": "The Client ID of the application requesting an access token.\n\nUsed in combination with `authorization_code`, `client_credentials`, or\n`urn:ietf:params:oauth:grant-type:jwt-bearer` as the `grant_type`.",
      "example": "ly1nj6n11vionaie65emwzk575hnnmrk"
    },
    "client_secret": {
      "type": "string",
      "description": "The client secret of the application requesting an access token.\n\nUsed in combination with `authorization_code`, `client_credentials`, or\n`urn:ietf:params:oauth:grant-type:jwt-bearer` as the `grant_type`.",
      "example": "hOzsTeFlT6ko0dme22uGbQal04SBPYc1"
    },
    "code": {
      "type": "string",
      "format": "token",
      "description": "The client-side authorization code passed to your application by\nBox in the browser redirect after the user has successfully\ngranted your application permission to make API calls on their\nbehalf.\n\nUsed in combination with `authorization_code` as the `grant_type`.",
      "example": "n22JPxrh18m4Y0wIZPIqYZK7VRrsMTWW"
    },
    "refresh_token": {
      "type": "string",
      "format": "token",
      "description": "A refresh token used to get a new access token with.\n\nUsed in combination with `refresh_token` as the `grant_type`.",
      "example": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ"
    },
    "assertion": {
      "type": "string",
      "format": "jwt",
      "description": "A JWT assertion for which to request a new access token.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:jwt-bearer`\nas the `grant_type`.",
      "example": "xxxxx.yyyyy.zzzzz"
    },
    "subject_token": {
      "type": "string",
      "format": "token",
      "description": "The token to exchange for a downscoped token. This can be a regular\naccess token, a JWT assertion, or an app token.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
      "example": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ"
    },
    "subject_token_type": {
      "type": "string",
      "example": "urn:ietf:params:oauth:token-type:access_token",
      "description": "The type of `subject_token` passed in.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
      "enum": [
        "urn:ietf:params:oauth:token-type:access_token"
      ]
    },
    "actor_token": {
      "type": "string",
      "format": "token",
      "description": "The token used to create an annotator token.\nThis is a JWT assertion.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
      "example": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ"
    },
    "actor_token_type": {
      "type": "string",
      "format": "urn",
      "example": "urn:ietf:params:oauth:token-type:id_token",
      "description": "The type of `actor_token` passed in.\n\nUsed in combination with `urn:ietf:params:oauth:grant-type:token-exchange`\nas the `grant_type`.",
      "enum": [
        "urn:ietf:params:oauth:token-type:id_token"
      ]
    },
    "scope": {
      "type": "string",
      "format": "space_delimited_list",
      "description": "The space-delimited list of scopes that you want apply to the\nnew access token.\n\nThe `subject_token` will need to have all of these scopes or\nthe call will error with **401 Unauthorized**.",
      "example": "item_upload item_preview base_explorer"
    },
    "resource": {
      "type": "string",
      "format": "url",
      "description": "Full URL for the file that the token should be generated for.",
      "example": "https://api.box.com/2.0/files/123456"
    },
    "box_subject_type": {
      "type": "string",
      "example": "enterprise",
      "description": "Used in combination with `client_credentials` as the `grant_type`.",
      "enum": [
        "enterprise",
        "user"
      ]
    },
    "box_subject_id": {
      "type": "string",
      "example": "123456789",
      "description": "Used in combination with `client_credentials` as the `grant_type`.\nValue is determined by `box_subject_type`. If `user` use user ID and if\n`enterprise` use enterprise ID."
    },
    "box_shared_link": {
      "type": "string",
      "format": "url",
      "description": "Full URL of the shared link on the file or folder\nthat the token should be generated for.",
      "example": "https://cloud.box.com/s/123456"
    }
  }
}