# Getting the Tokens

Getting Cotter's OAuth Tokens is very easy using our current authentication methods. **You should automatically receive the `oauth_token` whenever a user is succesfully authenticated**, either using magic link, OTP, trusted device, or WebAuthn.

You will get an `oauth_token` object in the JSON response with all the tokens:

```javascript
{
  ...
  "oauth_token": {
    "access_token": "eyJhbGciOiJFUzI1sInR5cC...",
    "auth_method": "TRUSTED_DEVICE", // authentication method used
    "expires_in": 3600,              // expiry in seconds
    "id_token": "eyJhbGciOiJFUz...",
    "refresh_token": "60:79hbLxl3aTjWWgCcIRnn...",
    "token_type": "Bearer"
  }
}
```

## Getting Tokens using the SDK

There are 3 places in the existing SDK where you can receive access tokens:

{% content-ref url="older-api/getting-the-tokens/during-authentication/during-email-phone-verification" %}
[during-email-phone-verification](https://docs.cotter.app/getting-access-token/older-api/getting-the-tokens/during-authentication/during-email-phone-verification)
{% endcontent-ref %}

{% content-ref url="older-api/getting-the-tokens/during-authentication" %}
[during-authentication](https://docs.cotter.app/getting-access-token/older-api/getting-the-tokens/during-authentication)
{% endcontent-ref %}

{% content-ref url="older-api/getting-the-tokens/during-enrolling-trusted-devices" %}
[during-enrolling-trusted-devices](https://docs.cotter.app/getting-access-token/older-api/getting-the-tokens/during-enrolling-trusted-devices)
{% endcontent-ref %}

## Getting Tokens using HTTP Request

You can also call Cotter's API to get the tokens.

{% content-ref url="getting-the-tokens/using-http-requests" %}
[using-http-requests](https://docs.cotter.app/getting-access-token/getting-the-tokens/using-http-requests)
{% endcontent-ref %}