This article explains how to generate tokens for the 1st time while getting started with Xoxoday APIs.


All requests to the Xoxoday API must be authenticated.

Xoxoday uses bearer authentication, where each request must include an HTTP header that includes your Client ID, Secret ID, and Access Token. The following guide explains how to generate your client ID, secret ID, and access tokens from the admin portal.

Generating Client ID & Secret Key

Log in to your Xoxoday Account

Step 2: Generate Client ID

In the next step, Click the "Settings" tab from the header and select "API" on the left panel.

You can now see the "Reward API" tab. Click on the "Generate Client ID" button. A pop-up will appear showing the scope of Integration i.e Plum PRO API, click on the Save button.

You will now be able to find Client ID and Secret ID on the dashboard as shown below.

Step 3: Generating Access & Refresh token

Now you have the client id and secret key, you can generate both the access and refresh token by clicking on the "Generate Token" button.

Copy the token and manage them programmatically.