> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ocient.com/llms.txt
> Use this file to discover all available pages before exploring further.

# sso_token

> Exchange an OpenID Connect identifier token or access token for an Ocient access token.

This endpoint allows clients to directly exchange tokens without following the full browser-based authentication process. This exchange is useful for server-to-server scenarios or when the client already has a valid OpenID token from another process.



## OpenAPI

````yaml /openapi/generated-api-methods.json POST /v1/sso_token
openapi: 3.1.0
info:
  title: Generated API methods
  version: 1.0.0
  description: Generated from imported ApiMethodV2 blocks.
servers:
  - url: https://{sql_node}
    variables:
      sql_node:
        default: sql_node
  - url: http://oc1-lts0:9090
security: []
paths:
  /v1/sso_token:
    post:
      tags:
        - Ocient HTTP Query API
      summary: sso_token
      description: >-
        Exchange an OpenID Connect identifier token or access token for an
        Ocient access token.


        This endpoint allows clients to directly exchange tokens without
        following the full browser-based authentication process. This exchange
        is useful for server-to-server scenarios or when the client already has
        a valid OpenID token from another process.
      operationId: postOcientHttpQueryApiSsoToken
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                database:
                  type: string
                  description: >-
                    Target database for connection after successful
                    authentication. This database must be accessible to the user
                    identified by the SSO token.
                id_token:
                  type: string
                  description: >-
                    OpenID identifier token received from the OpenID provider
                    after successful authentication. You must provide the
                    id_token or access_token body parameters, but not both.
                "access_token\t":
                  type: string
                  description: >-
                    OpenID access token received from the OpenID provider after
                    successful authentication. You must provide the id_token or
                    access_token body parameters, but not both.
              required:
                - database
      responses:
        '200':
          description: Response
          content:
            application/json:
              schema:
                type: object
                properties:
                  id_token:
                    type: string
                  database:
                    type: string
              examples:
                response:
                  value:
                    id_token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
                    database: retail_analytics
      servers:
        - url: https://{sql_node}
          variables:
            sql_node:
              default: sql_node
      x-codeSamples:
        - lang: curl
          label: curl
          source: |-
            curl -X POST https://my_sql_node.com/v1/sso_token \
                -H "Content-Type: application/json" \
                -d '{
                    "id_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
                    "database": "retail_analytics"
                }'

````