diff --git a/src/Client.php b/src/Client.php
index e1f0af5..4c768b3 100644
--- a/src/Client.php
+++ b/src/Client.php
@@ -202,11 +202,11 @@ public function setTokenResponse($tokenResponse)
     /**
      * use this if you want to store the auth response for later reuse
      * see also setTokenResponse
-     * @return array the token response from the auth call
+     * @return string|null the token response from the auth call
      */
     public function getTokenResponse()
     {
-        if (!$this->tokenResponse) {
+        if (is_null($this->tokenResponse)) {
             $tokenResponse = file_get_contents($this->tokenCacheFilename);
             if ($tokenResponse) {
                 $this->tokenResponse = $tokenResponse;
diff --git a/src/Onboarding.php b/src/Onboarding.php
index 4042cdc..800e9c0 100644
--- a/src/Onboarding.php
+++ b/src/Onboarding.php
@@ -26,12 +26,13 @@ class Onboarding extends Client
      * so you initialize the client with the technical oxid account credentials
      * Onboarding constructor.
      * @param LoggerInterface $logger
-     * @param $endpoint string the base API url
-     * @param $oxidClientId string the client id from the technical oxid account
-     * @param $oxidClientSecret string the client secret from the technical oxid account
-     * @param $oxidPartnerId string for getting credentials and informations for successful onboarding
-     * @param $sellerId string for getting informations for successful onboarding
-     * @param bool $debug set to true to debug request sent to paypal on the console
+     * @param string $endpoint the base API url
+     * @param string $oxidClientId the client id from the technical oxid account
+     * @param string $oxidClientSecret the client secret from the technical oxid account
+     * @param string $oxidPartnerId for getting credentials and information for successful onboarding
+     * @param string $sellerId for getting information for successful onboarding
+     * @param string $tokenCacheFilename the filename for the cached token
+     * @param bool $debug  set to true to debug request sent to PayPal on the console
      */
     public function __construct(
         LoggerInterface $logger,
@@ -40,14 +41,14 @@ public function __construct(
         $oxidClientSecret,
         $oxidPartnerId,
         $sellerId,
+        $tokenCacheFilename,
         $debug = false
     ) {
         $this->partnerId = $oxidPartnerId;
         $this->sellerId = $sellerId;
-        parent::__construct($logger, $endpoint, $oxidClientId, $oxidClientSecret, '', $debug);
+        parent::__construct($logger, $endpoint, $oxidClientId, $oxidClientSecret, $tokenCacheFilename, '', $debug);
     }
 
-
     /**
      * Auth after seller used on browser to login into the paypal account
      * the parameters are usually provided in a callback on client side e.g.:
@@ -80,7 +81,9 @@ public function authAfterWebLogin($authCode, $sharedId, $sellerNonce)
             ]
         ]);
 
-        $this->tokenResponse = json_decode('' . $res->getBody(), true);
+        $rawTokenResponse = json_decode('' . $res->getBody(), true);
+
+        $this->setTokenResponse($rawTokenResponse['access_token']);
     }
 
     public function getCredentials()