Connector OAuth

POST /api/connector/oauth/token exchanges OAuth authorization codes or refresh tokens for Supabase sessions. This is how Claude, ChatGPT, and other connectors authenticate through Dexter.

Request

URL: https://api.dexter.cash/api/connector/oauth/token

Content-Type: application/json or application/x-www-form-urlencoded

Authorization Code Grant

{
  "grant_type": "authorization_code",
  "code": "abc123...",
  "code_verifier": "pkce_verifier_string"
}

Field	Type	Required	Description
`grant_type`	string	Yes	`"authorization_code"`
`code`	string	Yes	Authorization code from the OAuth exchange
`code_verifier`	string	If PKCE was used	S256 PKCE verifier

Refresh Token Grant

{
  "grant_type": "refresh_token",
  "refresh_token": "v1.xxx..."
}

Response (200)

{
  "token_type": "bearer",
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "refresh_token": "v1.abc123...",
  "expires_in": 1800,
  "supabase_user_id": "550e8400-e29b-41d4-a716-446655440000",
  "wallet_public_key": "BRANCHVDL53igBiYuvrEfZazXJm24qKQJhyXBUm7z7V",
  "dexter_mcp_jwt": "eyJhbGciOiJIUzI1NiIs..."
}

Field	Type	Description
`token_type`	string	Always `"bearer"`
`access_token`	string	Supabase access token
`refresh_token`	string	Supabase refresh token
`expires_in`	number	TTL in seconds
`supabase_user_id`	string	Supabase user UUID
`wallet_public_key`	string	Solana public key (if wallet assigned)
`dexter_mcp_jwt`	string	MCP JWT for Dexter tools (optional)

Errors

Status	Error	When
400	`invalid_request`	Missing `code` or `refresh_token`
400	`invalid_grant`	Invalid/consumed code, or PKCE verification failed
400	`unsupported_grant_type`	Grant type not `authorization_code` or `refresh_token`