Refresh Token
Note
Please note that Refresh Token will be rotated after used
POST /oauth/token
Basic Authorization (retrieve credentials from OAuth Application)
- Username: OAuth Client ID
- Password: OAuth Client Secret
- HTTP header:
Authorization: Basic base64(client_id:client_secret)
Headers
Content-Type: application/json
Request Body
| Key | Type | Required | Rule | Description |
|---|---|---|---|---|
| grant_type | string | Mandatory | must be refresh_token | OAuth grant type |
| refresh_token | string | Mandatory | refresh token issued in previous token request |
Expected HTTP status code
- 200
Response
| Name | Type | Description |
|---|---|---|
| access_token | string | Bearer access token |
| token_type | string | Always Bearer |
| expires_in | number | Token lifetime in seconds |
| refresh_token | string | Refresh token |
Error
| Code | error | error_description |
|---|---|---|
400 | invalid_grant | invalid grant type |
400 | invalid_grant | Refresh token is invalid or expired |