Skip to content

Refresh Access Token

The default validity period of Access Token is 2 hours (7200 seconds), with a maximum of 24 hours (86400). After expiration, the user needs to re-authorize to obtain a new Access Token. This step enables automatic renewal of authorization, avoiding the need for users to authorize again and improving user experience.

Request Description

http
POST https://{your_domain}/api/v1/oauth2/token

Request Headers

ParameterNameRequiredExampleDescription
AuthorizationAuthentication infoRequiredBasic UnFCMNOWk9xWA==Use client_id and client_secret for Base64 authentication.
Format: base64(client_id:client_secret)
Content-TypeData typeRequiredapplication/x-www-form-urlencodedSubmit parameters using form data.

Request Example

http
POST https://{your_domain}/api/v1/oauth2/token

Authorization: Basic UnFCMkhKdGt6bFU...aT0NObkk4NlNOWk9xWA==

Content-Type: application/x-www-form-urlencoded

grant_type=refresh_token&refresh_token=wuGzSMMTjb4YhRUOjXHj-t-QD84

Request Parameters

ParameterNameRequiredExampleDescription
grant_typeAuthorization typeRequiredrefresh_tokenFixed value: refresh_token
refresh_tokenRefresh tokenRequiredwuGzSMMTjb4YhRUOjXHj-t-QD84Refresh token validity period up to 30 days

Response Example

Success response example

json
HTTP Status: 200 OK 
{    
    "access_token": "Z43T3yJNw9es8bruLXRmsXaA",    
    "token_type": "Bearer",    "refresh_token": "WEq8anwE6qu5aq8mRq5DtHK7YznzDQ2adn5yXkFlFA",    "expires_in": 7199,    
    "scope": "openid",    
    "id_token": "eyJra21o...8oEoRsydhg" 
}

Incorrect grant_type parameter value

json
HTTP Status: 400 BAD REQUEST  
{
	"error": "unsupported_grant_type",
	"error_description": "Unsupported grant type"
}

Incorrect refresh token value

json
HTTP Status: 400 BAD REQUEST 
{
    "error": "invalid_grant",
    "error_description": "Invalid refresh token: wuGzSMMTjb4YhRUOjXHj-t-QD84"
}

Response Parameters

If successful, the Access Token can be obtained from the response.

ParameterNameRequiredExampleDescription
access_tokenAuthorization tokenRequired3oDi8mk0q9mnTpGxcHu3Gi_vX4oAuthorization token returned by the authorization server to the third-party application.
expires_inAccess token validity periodRequired7199Validity period of the access ticket returned by the authorization server to the application. Note: the validity period is in seconds.
refresh_tokenRefresh tokenwuGzSMMTjb4YhRUOjXHj-t-QD84
token_typeToken typeRequiredBearer
scopeAuthorization scopeRequiredopenid

BambooCloud IDaaS Open Platform