> ## Documentation Index
> Fetch the complete documentation index at: https://docs.go.gbgplc.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Step 1: Authenticate

> Authenticate with the GBG GO API by exchanging your client credentials for an access token required to start hosted journeys.

Before you can use the GBG GO API, you must authenticate your request. This involves exchanging your API client credentials for an access token, which must be included in every API call.

## What you need

Before requesting an access token, make sure you have created an API client and have the following credentials:

* **Client ID**: Identifies your API client.
* **Client secret**: A secure key generated when you create the API client.

<Note>
  You create API clients in the **Clients** tab of the Account management portal. See [Manage API clients](/docs/go-v2/platform/account-management/manage-api-clients) for instructions.
</Note>

## Request an access token

To get your access token, send a `POST` request to the token endpoint using the `client_credentials` grant type.

You can send a request like this:

```bash BASH theme={null}
curl --request POST \
  --url https://api.auth.gbgplc.com/as/token.oauth2 \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data 'grant_type=client_credentials' \
  --data 'client_id=your-client-id' \
  --data 'client_secret=your-client-secret' \
  --data 'scope=gbg.token'
```

If your request is successful, the API will return a response in this format:

```json JSON theme={null}
{
  "access_token": "your-access-token",
  "token_type": "Bearer",
  "expires_in": 3600
}
```

Store your access token securely and refresh it when it expires.

Refer to the [Generate access token](/docs/go-v2/api-reference/endpoint/generate-access-token) API reference for details on the request and response definitions.