# Generating token credentials for API access
## Introduction
A Patchworks **access token** is required to authorise API requests for sending data to the inbound URL for a Patchworks service.
To obtain this token, you send a set of **client credentials** to a Patchworks **token endpoint**. Patchworks validates these credentials and returns an **access token** you can use to POST custom payload data to the required service. Once the custom payload is received, it’s processed in the usual way.These steps are illustrated below:
{% hint style="info" %}
Access tokens are valid for 24 hours - for example: Issued: Wednesday 20th July at 10:03:08 GMT Expires: Tuesday 21st July at 10:03:08 GMT.
{% endhint %}
Use the **authentication** tab for an **Inbound API connector** to obtain/generate details required to request access tokens for secure access to the inbound URL for a Patchworks service. You will need:
* A Patchworks token endpoint
* OAuth credentials for this endpoint
{% hint style="info" %}
Patchworks uses **OAuth 2.0**. Watch this space for **Basic Authentication** support, coming soon!
{% endhint %}
## Prerequisites
To complete the steps detailed here, you must have completed the following tasks:
* [Adding an Inbound API connector with a custom payload](/product-documentation/patchworks-services/inbound-api/using-the-inbound-api-connector-with-patchworks-services.md)
## The steps
Follow the steps below:
**Step 1**\
Select the **authentication** tab for the required **Inbound API Connector**:
These steps assume you are following a 'create new' connector flow. If you need to use an existing connector, find the required connector and select the **authentication** tab:
**Step 2**\
Copy the **token endpoint** and paste it somewhere safe for future use:
… when prompted, enter a name for this set of credentials:
**Step 3**\
Move down to the **OAuth2 Clients** section and select **create an OAuth2 client**:
… when prompted, enter a name for this set of credentials:
**Step 4**\
Click the **create new OAuth2 client** button to confirm and display generated credentials:
**Step 5**\
Copy/paste this information somewhere safe for future use.
{% hint style="danger" %}
Once this page is closed, you can’t reaccess the client secret. If you lose this information, you need to generate a new set of credentials.
{% endhint %}
**Step 6**\
Click the **close** button to exit back to the connector **authentication** tab, where the new set of credentials is listed:
**Step 7**\
You are now ready to add a Patchworks service - see [Adding a Patchworks service for an Inbound API connector](/product-documentation/patchworks-services/inbound-api/using-the-inbound-api-connector-with-patchworks-services/adding-a-patchworks-service-for-an-inbound-api-connector.md).
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://doc.wearepatchworks.com/product-documentation/patchworks-services/inbound-api/using-the-inbound-api-connector-with-patchworks-services/generating-token-credentials-for-api-access.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
