post https://yoursite.com/api/user_token
The Bearer token is the access token requested in Request Access Token page.
When you receive a success response, then your app will receive a new access token for user, but if account has enabled the Two-Factor authentication, you have to make a new authentication.
Success login with no two-factor
Here is an example where you will receive a success response, two-factor authentication is not required so you can use the access token for user requests:
{
status: 'success',
two_factor: false,
access_token: 'UserAccessToken...'
}
Success login with Two-Factor require
In this example, it's necessary to make a second authentication using the two-factor code, so you will receive an answer like this:
{
status: 'success',
two_factor: true,
access_token: 'twoFactorToken...'
}
The access_token received will be used in the two-factor token.
Two Factor token will be valid for 10 minutes