Create Access Token
Authentication
Bearer authentication of the form Bearer <token>, where token is your auth token.
Headers
Request
Exchange a signed JWT assertion for a short-lived access token. The JWT must be signed with the private key corresponding to the public key registered on the OAuth client. Note: parameter names follow OAuth RFC 6749/7523 conventions (snake_case) rather than the Persona API default (kebab-case).
Response headers
The unique identifier of the API log entry that recorded this request. Starts with req_. Include this value when reaching out to Persona support. Present on every authenticated response, including error responses.
Response
Space-separated list of granted permissions. Format varies by grant type: for client_credentials, bare permission names (e.g. inquiry.read account.read); for authorization_code, permission:object pairs (e.g. inquiry.read:inq_xxx). Empty string when no permissions are granted.

