> ## Documentation Index
> Fetch the complete documentation index at: https://developer.box.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authorization resources

A set of endpoints used to manage the user authorization process.

## Access token

A token that can be used to make authenticated API calls.

<Accordion title="Attributes and example">
  | Property            | Type                      | Required | Description                                                                                                                                                                     |
  | ------------------- | ------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
  | `access_token`      | `string`                  | No       | The requested access token.                                                                                                                                                     |
  | `expires_in`        | `integer`                 | No       | The time in seconds by which this token will expire.                                                                                                                            |
  | `token_type`        | `enum<string>`            | No       | The type of access token returned. Available options: `bearer`.                                                                                                                 |
  | `restricted_to`     | array of `Resource scope` | No       | The permissions that this access token permits, providing a list of resources (files, folders, etc) and the scopes permitted for each of those resources.                       |
  | `refresh_token`     | `string`                  | No       | The refresh token for this access token, which can be used to request a new access token when the current one expires.                                                          |
  | `issued_token_type` | `enum<string>`            | No       | The type of downscoped access token returned. This is only returned if an access token has been downscoped. Available options: `urn:ietf:params:oauth:token-type:access_token`. |

  ```json Example theme={null}
  {
    "access_token": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ",
    "expires_in": 3600,
    "token_type": "bearer",
    "restricted_to": [
      {
        "scope": "item_download",
        "object": {
          "id": "12345",
          "etag": "1",
          "type": "folder",
          "sequence_id": "3",
          "name": "Contracts"
        }
      }
    ],
    "refresh_token": "c3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ",
    "issued_token_type": "urn:ietf:params:oauth:token-type:access_token"
  }
  ```
</Accordion>

## OAuth 2.0 error

An OAuth 2.0 error.

<Accordion title="Attributes and example">
  | Property            | Type     | Required | Description                     |
  | ------------------- | -------- | -------- | ------------------------------- |
  | `error`             | `string` | No       | The type of the error returned. |
  | `error_description` | `string` | No       | The type of the error returned. |

  ```json Example theme={null}
  {
    "error": "invalid_client",
    "error_description": "The client credentials are not valid"
  }
  ```
</Accordion>
