Developers » Client Credentials Flow
Client Credentials Flow for Service Token
Please, read about planned changes with service access token.


Use Client credentials flow to run API methods with secure prefix. These methods allow calling API methods on behalf of the application itself.

To get a service token send a request to https://oauth.vk.com/access_token with following parameters:

client_id
required
Application id.
client_secret
required
Application secret key (specified in application settings at https://new.vk.com/editapp?id={API_ID}&section=options)
grant_type
required
Authorization type. Send client_credentials.
vUsed API version. Actual version: 5.131.
https://oauth.vk.com/access_token?client_id= + CLIENT_ID + &client_secret= + CLIENT_SECRET + &v=5.131&grant_type=client_credentials


If executed correctly, an access_token will be returned. With it you may call the secure API methods.
{"access_token":"533bacf01e11f55b536a565b57531ac114461ae8736d6506a3"}


For secure methods add the client_secret parameter containing the application secret key to all requests.

N.B.: with an application secret key secure methods can be called by anyone on behalf of the application. Never give your secret key to a third party and don't store it in open access. If secret key is compromised, urgently change it in application settings.