Intralinks Developer Portal

Creates the oauth2 token and oauth2 refresh token.


Resource Location

POST /v2/oauth/token


Request Parameters

Parameters can either be in the query string or x-www-urlencoded-form.

Note that only authorization_code grant type is supported by default in the grant_type field. To use client_credentials or refresh_token, please contact the Intralinks API team and we can enable your app for these features.


If you need to authenticate with the API using SSO use the grant type urn:ietf:params:oauth:client-assertion-type:saml2-bearer. Please note you will need to setup a valid SSO connection with Intralinks before this method can be used. Please contact your Intralinks account representative or Intralinks Global Support at for more details on setting up SSO with your organization.

Parameter Description Required Example
code Authorization code. This is provided in the “code” query parameter of the URL that the /authorize API redirects to after a successful login. No* This parameter is only required when using the authorization_code grant type
grant_type One of the following:
client_id Intralinks API consumer key. Provided to users of the API. Yes  
client_secret Intralinks API consumer secret. Provided to users of the API. Yes  
endOtherSessions Used to end any other Intralinks Platform sessions the user may have started. This parameter can be used to override the "concurrent user" setting that allows users to maintain multiple sessions.
Should be set to True or False.
Default is False


Form parameters:

If you are using the client_credentials grant type you need to pass the following parameters as x-www-urlencoded-form form values.

Parameter Description Required Example
email Your Intralinks login email Yes  
password Your Intralinks login password Yes  


If you are using the urn:ietf:params:oauth:client-assertion-type:saml2-bearer grant type to log in using SSO you need to pass the following parameter as x-www-urlencoded-form form values.

Parameter Description Required Example
SAMLResponse This is a Base64 encoded SAMLResponse XML object. This object must be signed by your private key and we must have a copy or your public key on file. Please contact for assistance setting this up. Yes Examples of valid response objects can be found online (example here) or from your IdP provider.


Response Payload

    "access_token": "<access_token>",
    "token_type": "BearerToken",
    "expires_in": 3599,
    "refresh_token": "<refresh_token>",
    "refresh_token_expires_in": 2591999,
    "redirect_url": "",
    "email": "<IL_account_email_address>"


Paramter Description
access_token OAuth Access Token.
expires_in Token expiration time in seconds.
refresh_token OAuth refresh token. Only sent for Authorization Code flow.
refresh_token_expires_in Refresh Token expiry time in seconds.
Note: This value is only returned when your application has refresh token support enabled and you use the authorization_code grant type.
redirect_uri Redirect URL registered for the client application.
email Logged in user’s email address.