# Get Access Token

Issue a short-lived access token using the OAuth 2.1 Client Credentials grant.

Provide:
- Authorization: Basic base64(AppKey:AppSecret)
- Content-Type: application/x-www-form-urlencoded

Endpoint: POST /oauth2/token
Version: v2
Security: basicAuth

## Request fields (application/x-www-form-urlencoded):

  - `grant_type` (string, required)
    Must be client_credentials.
    Enum: "client_credentials"

  - `scope` (string)
    Optional space-delimited scopes.
    Example: "API"

## Response 200 fields (application/json):

  - `access_token` (string)
    JWT access token.

  - `token_type` (string)
    Example: "Bearer"

  - `expires_in` (integer)
    Expiration time in seconds (default 1800).

  - `scope` (string)
    Granted scopes (if returned).

## Response 400 fields (application/json):

  - `error` (string)
    OAuth 2.0 error code.
    Example: "invalid_request"

  - `error_description` (string)
    Human-readable explanation.

  - `error_uri` (string)
    Link to the relevant RFC section.

## Response 401 fields (application/json):

  - `error` (string)
    OAuth 2.0 error code.
    Example: "invalid_request"

  - `error_description` (string)
    Human-readable explanation.

  - `error_uri` (string)
    Link to the relevant RFC section.