Skip to content

Refresh Token

Jump to bottom Edit New page
Matt Bierner edited this page May 11, 2015 · 2 revisions

Refresh tokens allow your client to obtain user credentials after the access token has expired without prompting the user again. Refresh tokens may be used in both authentication code and single use client flows.

Exchanging a Refresh Token for an Access Token

POST https://blot.re/v0/oauth2/access_token

Required Parameters

  • grant_type - Set to refresh_token.
  • client_id
  • client_secret -
  • refresh_token The token being Exchanged

Example

POST https://blot.re/v0/oauth2/access_token?grant_type=refresh_token&client_id=55511f7c30041ec0d13f71b1&client_secret=NjgyMTg0NDgtMDllYi00MWI5LWE0NTUtOWFlY2RmNDJjMTA2&refresh_token=MTIwYzU2NGQtZWNkMS00M2E4LTk0ZGYtMTU0MDJmZTlmMzc4

{
    "access_token": "MWVhMDZjZGQtZDgwZC00NzMxLWE1NjktYzYwZGZhMTgwOWMx",
    "token_type": "bearer",
    "expires_in": 259200,
    "refresh_token": "OGNmOTIwNTgtODk1My00YzU0LTlhN2YtYjk1YTdjZjRiMjg2",
    "user": {
        "id": "5550f2a63004a531be8820c5"
    }
}

Other Notes

Exchanging a refresh token for an access token invalidates the prior access and refresh tokens. All future requests must be made with the new access token and only the new refresh token can be exchanged for a new access token.

Refresh tokens expire after about 2 weeks while access tokens expire after about 3 days.

Add a custom footer
Add a custom sidebar
Clone this wiki locally