Toast

Toast Authentication API

OAuth 2.0 client-credentials authentication for Toast APIs. Exchanges a clientId and clientSecret (with userAccessType TOAST_MACHINE_CLIENT) for a bearer access token at /authentication/v1/authentication/login. Token lifetime is returned in the response and varies by environment.

GitHub OpenAPI

Documentation

📖
Documentation
https://doc.toasttab.com/openapi/authentication/overview/

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/openapi/toast-tab-authentication-openapi.yml
JSON-LD
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/json-ld/toast-tab-authentication-context.jsonld

Examples

📝
Example
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/examples/authentication-authentication-request-example.json
📝
Example
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/examples/authentication-authentication-response-example.json
📝
Example
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/examples/authentication-authentication-token-example.json

Schemas & Data

📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/json-schema/authentication-authentication-request-schema.json
📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/json-schema/authentication-authentication-response-schema.json
📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/json-schema/authentication-authentication-token-schema.json
📊
JSONStructure
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/json-structure/authentication-authentication-request-structure.json
📊
JSONStructure
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/json-structure/authentication-authentication-response-structure.json
📊
JSONStructure
https://raw.githubusercontent.com/api-evangelist/toast-tab/refs/heads/main/json-structure/authentication-authentication-token-structure.json

Other Resources

🔗
AuthenticationGuide
https://doc.toasttab.com/doc/devguide/authentication.html

OpenAPI Specification

toast-tab-authentication-openapi.yml Raw ↑ 
swagger: '2.0'
info:
  version: 1.0.0
  title: Toast authentication API
  description: |
    The authentication API returns an authentication token that you can present
    when your integration client software uses other Toast APIs. For more
    information about authentication, see [the Toast Developer
    Guide](https://doc.toasttab.com/doc/devguide/authentication.html).
  termsOfService: https://pos.toasttab.com/api-terms-of-use
  contact:
    name: Toast developer support
schemes:
- https
host: toast-api-server
basePath: /authentication/v1
consumes:
- application/json
externalDocs:
  description: Authentication developer guide
  url: https://doc.toasttab.com/doc/devguide/authentication.html
tags:
- name: Authentication
produces:
- application/json
definitions:
  AuthenticationRequest:
    type: object
    description: |
      Authentication credentials for your Toast API integration client software.
    properties:
      clientId:
        description: |
          The identifier string for your Toast API client. You receive the
          identifier string from the Toast integrations team.
        type: string
        example: VKuhk4NaLedOcjZpJM8grvdrsFi3MlcM
      clientSecret:
        description: |
          The secret string that corresponds to your Toast API client. You
          receive the secret string from the Toast integrations team.
        type: string
        example: eS960aiKdvgbSDcLUCk68HR2CJKwwHNO2HKfgxjCWxoj27KIp6jFAi2XOOc_oCuv
      userAccessType:
        description: |
          Always include the `userAccessType` value and set it to
          `TOAST_MACHINE_CLIENT`.
        type: string
        example: TOAST_MACHINE_CLIENT
  AuthenticationResponse:
    type: object
    description: |
      A wrapper object for the response to a successful Toast API authentication
      request.
    properties:
      token:
        description: |
          An `AuthenticationToken` object containing information about a Toast
          platform API session, including an authentication token string that
          your Toast API client software can present when using other Toast
          platform APIs.
        type: object
        $ref: '#/definitions/AuthenticationToken'
      status:
        description: The value `SUCCESS` indicates that your authentication request was successful.
        type: string
        example: SUCCESS
  AuthenticationToken:
    type: object
    description: |
      Information about a Toast platform API session, including an
      authentication token string that your Toast API client software can
      present when using other Toast platform APIs.
    properties:
      tokenType:
        description: |
          The OAuth 2 authentication scheme used for the authentication token.
          Toast API authentication uses the bearer authentication scheme.
        type: string
        example: Bearer
      scope:
        description: |
          The scope value in the authentication token request response is
          `null`. The `accessToken` JSON Web Token (JWT) contains the list of
          [scopes for your Toast API
          client](https://dev.toasttab.com/doc/devguide/apiScopes.html).
        type: string
        example: string
      expiresIn:
        description: |
          The number of seconds that the authentication token is valid. 
        type: integer
        example: 86400
      accessToken:
        description: |
          A JSON Web Token (JWT) string that contains an authentication token.
          You [present this string when you make
          requests](https://dev.toasttab.com/doc/devguide/authentication.html#using-authentication-token)
          to other Toast API resources. The JWT includes information about your
          Toast API client.
        type: string
        example: string
      idToken:
        description: |
          For internal use only.
        type: string
        example: 90a86f12
      refreshToken:
        description: |
          For internal use only.
        type: string
        example: string
  ErrorMessage:
    type: object
    description: |
      An object that contains information about one or more errors that the
      Toast platform encountered when processing your API request.
    properties:
      status:
        description: |
          The HTTP status code of the response.
        type: string
        example: IN_STOCK
      code:
        description: |
          A numeric identifier for the error condition.
        type: integer
        example: 1
      message:
        description: |
          A description of the error condition.
        type: string
        example: string
      messageKey:
        description: |
          Reserved for future use.
        type: string
        example: string
      fieldName:
        description: |
          Reserved for future use.
        type: string
        example: Example Name
      link:
        description: |
          The URL of a resource that provides more information about the error
          condition.
        type: string
        example: https://doc.toasttab.com/
      requestId:
        description: |
          The unique identifier of the HTTP request that your client sent to the Toast API.
        type: string
        example: 90a86f12
      developerMessage:
        description: |
          Additional detail about the error condition, if it is available.
        type: string
        example: string
      errors:
        description: |
          A JSON array of `ErrorMessage` objects.
        type: array
        items:
          $ref: '#/definitions/ErrorMessage'
      canRetry:
        description: |
          Reserved for future use.
        type: string
        example: string
paths:
  /authentication/login:
    post:
      tags:
      - Authentication
      summary: Toast Get an Authentication Token
      description: |
        Returns an authentication token that your Toast API client can present
        when using other Toast platform APIs.
      externalDocs:
        description: Authentication developer guide
        url: https://doc.toasttab.com/doc/devguide/authentication.html
      operationId: authenticationLoginPost
      produces:
      - application/json
      parameters:
      - name: body
        description: |
          The authentication credentials for your Toast API client integration
          software.
        in: body
        required: true
        schema:
          $ref: '#/definitions/AuthenticationRequest'
      responses:
        '200':
          description: |
            A JSON `AuthenticationResponse` object that includes an
            authentication token string.
          schema:
            $ref: '#/definitions/AuthenticationResponse'
        '401':
          description: |
            The Toast API client credentials in your request are not valid.
          schema:
            $ref: '#/definitions/ErrorMessage'
      x-microcks-operation:
        delay: 0
        dispatcher: FALLBACK