# Exchange auth intent for JWT

POST https://identity.gwop.io/v1/auth-intents/{auth_intent_id}/exchange

Exchange a settled auth intent for a JWT access token.

Use `Idempotency-Key` on every production call. Without one, a dropped
response can consume the auth intent and force the merchant to create a
replacement challenge.


Reference: https://docs.gwop.io/api-reference/gwop-api/auth/exchange-auth-intent

## OpenAPI Specification

```yaml
# OpenAPI 3.1 document. The 3.1 schema dialect is what permits the
# `type: [string, 'null']` form this file uses for a nullable field.
openapi: 3.1.0
info:
  title: Gwop API
  version: 1.0.0
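paths:
  /v1/auth-intents/{auth_intent_id}/exchange:
    post:
      operationId: exchange-auth-intent
      summary: Exchange auth intent for JWT
      description: |
        Exchange a settled auth intent for a JWT access token.

        Use `Idempotency-Key` on every production call. Without one, a dropped
        response can consume the auth intent and force the merchant to create a
        replacement challenge.
      tags:
        - subpackage_auth
      # Bind the operation to the bearer scheme declared under
      # components.securitySchemes. OpenAPI ignores a header parameter named
      # `Authorization`, so without this requirement spec-driven tooling
      # (client generators, gateways, linters) sees the endpoint as
      # unauthenticated.
      security:
        - MerchantApiKey: []
      parameters:
        - name: auth_intent_id
          in: path
          description: Auth intent ID from create response
          required: true
          schema:
            type: string
        # Retained so the rendered reference still shows the header. Tooling
        # that follows the OpenAPI rules skips this entry; the `security`
        # requirement above is what actually declares the credential.
        - name: Authorization
          in: header
          description: |
            Merchant API key (`sk_m_*`).

            ```
            Authorization: Bearer sk_m_abc123def456...
            ```
          required: true
          schema:
            type: string
        # Optional in the schema, but the operation description asks for it on
        # every production call: the exchange consumes the intent (see 409), so
        # a retry after a lost response is only safe when it repeats the same
        # key value as the first attempt.
        - name: Idempotency-Key
          in: header
          description: |
            Client-generated UUID v4 for safe retries.
            Requests with the same key return the original response.
          required: false
          schema:
            type: string
            format: uuid
      responses:
        # The 200 body carries a bearer JWT (`access_token`); callers should
        # keep the response out of logs and error reports.
        '200':
          description: Token issued
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExchangeAuthIntentResponse'
        '401':
          description: Missing or invalid authentication
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '402':
          description: Intent exists but the agent has not paid yet
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '403':
          description: Valid authentication but insufficient permissions
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        # One status covers both "unknown ID" and "owned by another store", so
        # the response does not reveal whether another store's intent exists.
        '404':
          description: Intent not found or belongs to a different store
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        # Intents are single-use: a second exchange without the original
        # Idempotency-Key lands here rather than minting another token.
        '409':
          description: Intent expired or already used
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        # NOTE(review): no Retry-After or other back-off header is documented
        # for this response; confirm what clients should key their retry on.
        '429':
          description: Rate limit exceeded
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RateLimitError'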
# Only an HTTPS origin is declared. The merchant key travels in the
# Authorization header, so clients should never fall back to plain http.
servers:
  - url: https://identity.gwop.io
components:
  schemas:
    # Single-value enum: the issued token is always presented as `Bearer`.
    ExchangeAuthIntentResponseTokenType:
      type: string
      enum:
        - Bearer
      title: ExchangeAuthIntentResponseTokenType
    # Chains a principal's wallet can belong to.
    AuthPrincipalChain:
      type: string
      enum:
        - base
        - solana
      title: AuthPrincipalChain
    # Identity the token was issued for; all three fields are always present.
    AuthPrincipal:
      type: object
      properties:
        sub:
          type: string
        chain:
          $ref: '#/components/schemas/AuthPrincipalChain'
        wallet_address:
          type: string
      required:
        - sub
        - chain
        - wallet_address
      title: AuthPrincipal
    # Session metadata returned next to the token.
    # NOTE(review): `sub` appears here and on AuthPrincipal; the spec does not
    # say the two must match, so confirm before trusting either in isolation.
    AuthSession:
      type: object
      properties:
        sid:
          type: string
        sub:
          type: string
        # presumably "authentication methods references" as in the JWT `amr`
        # claim; confirm the value set with the provider
        amr:
          type: array
          items:
            type: string
      required:
        - sid
        - sub
        - amr
      title: AuthSession
    # `id` is required but nullable: the key is always present and may be null.
    WalletAccount:
      type: object
      properties:
        id:
          type:
            - string
            - 'null'
          format: uuid
        is_new_account:
          type: boolean
      required:
        - id
        - is_new_account
      title: WalletAccount
    # Success body of the exchange. `access_token` is a bearer credential:
    # whoever holds it can present it, so store and transmit it accordingly.
    ExchangeAuthIntentResponse:
      type: object
      properties:
        # NOTE(review): the spec names RS256 but does not show where the
        # verification keys are published. Relying parties should verify the
        # signature and reject tokens whose header names any other algorithm.
        access_token:
          type: string
          description: RS256-signed JWT.
        token_type:
          $ref: '#/components/schemas/ExchangeAuthIntentResponseTokenType'
        # Unit is not stated; presumably seconds, as in OAuth 2.0 token
        # responses. Confirm before using it to schedule refresh or expiry.
        expires_in:
          type: integer
        principal:
          $ref: '#/components/schemas/AuthPrincipal'
        session:
          $ref: '#/components/schemas/AuthSession'
        account:
          $ref: '#/components/schemas/WalletAccount'
      required:
        - access_token
        - token_type
        - expires_in
        - principal
        - session
        - account
      title: ExchangeAuthIntentResponse
    # Error payload. Only `code` and `message` are guaranteed.
    ErrorResponseError:
      type: object
      properties:
        code:
          type: string
        message:
          type: string
        # Free-form map: values may be any JSON type, so validate before use.
        details:
          type: object
          additionalProperties:
            description: Any type
        # Optional. Note the camelCase spelling; every other property in this
        # file is snake_case.
        requestId:
          type: string
      required:
        - code
        - message
      title: ErrorResponseError
    # Envelope used by the 401/402/403/404/409 responses.
    ErrorResponse:
      type: object
      properties:
        error:
          $ref: '#/components/schemas/ErrorResponseError'
      required:
        - error
      title: ErrorResponse
    # Envelope used by the 429 response; same shape as ErrorResponse.
    RateLimitError:
      type: object
      properties:
        error:
          $ref: '#/components/schemas/ErrorResponseError'
      required:
        - error
      title: RateLimitError
  securitySchemes:
    # HTTP bearer scheme carrying the merchant secret key (`sk_m_*`). The value
    # in the description is a truncated placeholder. Real keys belong in a
    # server-side secret store, never in client-side code, logs or VCS.
    MerchantApiKey:
      type: http
      scheme: bearer
      description: |
        Merchant API key (`sk_m_*`).

        ```
        Authorization: Bearer sk_m_abc123def456...
        ```

```

## SDK Code Examples

```python
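import uuid

import requests

# Exchange endpoint for one auth intent; the ID segment is a sample value
# standing in for the ID returned by the create call.
url = "https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange"

# Generate the key once per logical exchange and send the SAME value on every
# retry. The exchange consumes the intent, so a retry without the original key
# after a dropped response forces a replacement challenge.
idempotency_key = str(uuid.uuid4())

headers = {
    # <token> stands for the merchant API key (sk_m_*). Load it from a secret
    # store or the environment at runtime; do not hard-code it.
    "Authorization": "Bearer <token>",
    "Idempotency-Key": idempotency_key,
}

# requests has no default timeout; without one a stalled connection blocks
# forever and hides the dropped-response case the idempotency key is for.
response = requests.post(url, headers=headers, timeout=10)

# A 200 body contains the bearer JWT (access_token). Printing is fine for a
# demo; production code should not write the token to logs.
print(response.json())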
```

```javascript
const url = 'https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange';
const options = {method: 'POST', headers: {Authorization: 'Bearer <token>'}};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}
```

```go
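package main

import (
	"crypto/rand"
	"fmt"
	"io"
	"log"
	"net/http"
	"time"
)

// newIdempotencyKey returns a random version-4 UUID string built from
// crypto/rand, since the standard library has no UUID package.
func newIdempotencyKey() (string, error) {
	var b [16]byte
	if _, err := rand.Read(b[:]); err != nil {
		return "", err
	}
	b[6] = (b[6] & 0x0f) | 0x40 // version 4
	b[8] = (b[8] & 0x3f) | 0x80 // RFC 4122 variant
	return fmt.Sprintf("%x-%x-%x-%x-%x", b[0:4], b[4:6], b[6:8], b[8:10], b[10:16]), nil
}

// exchange posts the exchange request and prints the response. Every error is
// returned instead of being discarded, so a failed request can no longer reach
// a nil response and panic on res.Body.Close().
func exchange() error {
	// The ID segment is a sample value standing in for the create response's ID.
	url := "https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange"

	// One key per logical exchange; reuse the same value on every retry. The
	// exchange consumes the intent, so retrying without it after a dropped
	// response forces a replacement challenge.
	key, err := newIdempotencyKey()
	if err != nil {
		return err
	}

	req, err := http.NewRequest("POST", url, nil)
	if err != nil {
		return err
	}

	// <token> stands for the merchant API key (sk_m_*); load it from a secret
	// store or the environment rather than hard-coding it.
	req.Header.Add("Authorization", "Bearer <token>")
	req.Header.Add("Idempotency-Key", key)

	// http.DefaultClient has no timeout; bound the wait explicitly.
	client := &http.Client{Timeout: 10 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		return err
	}
	defer res.Body.Close()

	body, err := io.ReadAll(res.Body)
	if err != nil {
		return err
	}

	// A 200 body contains the bearer JWT (access_token); do not print or log
	// it in production.
	fmt.Println(res)
	fmt.Println(string(body))
	return nil
}

func main() {
	if err := exchange(); err != nil {
		log.Fatal(err)
	}
}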
```

```ruby
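require 'uri'
require 'net/http'
require 'securerandom'

# Exchange endpoint for one auth intent; the ID segment is a sample value.
url = URI("https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange")

http = Net::HTTP.new(url.host, url.port)
# TLS on; leave certificate verification at its default (peer verification).
http.use_ssl = true
# Bound both phases so a stalled connection surfaces as an error to retry.
http.open_timeout = 10
http.read_timeout = 10

request = Net::HTTP::Post.new(url)
# <token> stands for the merchant API key (sk_m_*); load it from a secret
# store or the environment rather than hard-coding it.
request["Authorization"] = 'Bearer <token>'
# One key per logical exchange, reused unchanged on every retry. The exchange
# consumes the intent, so retrying without it after a dropped response forces
# a replacement challenge.
request["Idempotency-Key"] = SecureRandom.uuid

response = http.request(request)
# A 200 body contains the bearer JWT (access_token); do not log it in
# production.
puts response.read_body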
```

```java
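import java.util.UUID;

// NOTE(review): com.mashape.unirest is the legacy 1.x package of this client;
// confirm it still receives security fixes before adding it as a dependency.
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;

// One key per logical exchange, reused unchanged on every retry. The exchange
// consumes the intent, so retrying without it after a dropped response forces
// a replacement challenge.
String idempotencyKey = UUID.randomUUID().toString();

// <token> stands for the merchant API key (sk_m_*); load it from a secret
// store or the environment rather than hard-coding it. A 200 body contains the
// bearer JWT (access_token), so keep response.getBody() out of logs.
HttpResponse<String> response = Unirest.post("https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange")
  .header("Authorization", "Bearer <token>")
  .header("Idempotency-Key", idempotencyKey)
  .asString();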
```

```php
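<?php
require_once('vendor/autoload.php');

$client = new \GuzzleHttp\Client();

// Build a random version-4 UUID from the CSPRNG. One key per logical exchange,
// reused unchanged on every retry: the exchange consumes the intent, so
// retrying without it after a dropped response forces a replacement challenge.
$bytes = random_bytes(16);
$bytes[6] = chr((ord($bytes[6]) & 0x0f) | 0x40); // version 4
$bytes[8] = chr((ord($bytes[8]) & 0x3f) | 0x80); // RFC 4122 variant
$idempotencyKey = vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($bytes), 4));

$response = $client->request('POST', 'https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange', [
  'headers' => [
    // <token> stands for the merchant API key (sk_m_*); load it from a secret
    // store or the environment rather than hard-coding it.
    'Authorization' => 'Bearer <token>',
    'Idempotency-Key' => $idempotencyKey,
  ],
  // Bound the wait so a stalled connection surfaces as an error to retry.
  'timeout' => 10,
]);

// A 200 body contains the bearer JWT (access_token); do not echo or log it in
// production.
echo $response->getBody();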
```

```csharp
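using System;
using RestSharp;

// The ID segment of the URL is a sample value standing in for the ID returned
// by the create call.
var client = new RestClient("https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange");
var request = new RestRequest(Method.POST);

// <token> stands for the merchant API key (sk_m_*); load it from a secret
// store or the environment rather than hard-coding it.
request.AddHeader("Authorization", "Bearer <token>");

// One key per logical exchange, reused unchanged on every retry. The exchange
// consumes the intent, so retrying without it after a dropped response forces
// a replacement challenge.
request.AddHeader("Idempotency-Key", Guid.NewGuid().ToString());

// A 200 body contains the bearer JWT (access_token); keep response.Content out
// of logs.
IRestResponse response = client.Execute(request);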
```

```swift
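import Foundation

// One key per logical exchange, reused unchanged on every retry. The exchange
// consumes the intent, so retrying without it after a dropped response forces
// a replacement challenge.
let idempotencyKey = UUID().uuidString.lowercased()

// <token> stands for the merchant API key (sk_m_*). It is a server-side
// secret and must not ship inside a client app binary.
let headers = [
  "Authorization": "Bearer <token>",
  "Idempotency-Key": idempotencyKey
]

// The ID segment of the URL is a sample value standing in for the ID returned
// by the create call.
var request = URLRequest(url: URL(string: "https://identity.gwop.io/v1/auth-intents/ai_m1abc12defgh3456/exchange")!,
                         cachePolicy: .useProtocolCachePolicy,
                         timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers

let session = URLSession.shared
let dataTask = session.dataTask(with: request) { data, response, error in
  if let error = error {
    print(error)
  } else if let httpResponse = response as? HTTPURLResponse {
    // Prints status and headers only; the body (`data`) holds the bearer JWT
    // on success and should not be logged.
    print(httpResponse)
  }
}

dataTask.resume()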
```