OAuth Token Refresh

post/oauth/token?refresh

Access tokens are only valid for a given period of time (typically one hour) for security reasons. Whenever acquiring an new access token its TTL is also given (see expires_in), along with a refresh token that can be used to acquire a new access token after the current one has expired.

Request

Request Body schema: application/json
required

grant_type required	string Default: "refresh_token" When refreshing an existing token use `refresh_token`.
refresh_token required	string The token provided when you got the expired access token.
client_id	string The client ID for your API app. Mandatory from August 1st, 2025. Until then, required if the "Client Credentials Required" setting is enabled for token refresh; optional if disabled.
client_secret	string The client secret for your API app. Mandatory from August 1st, 2025. Until then, required if the "Client Credentials Required" setting is enabled for token refresh; optional if disabled.

Responses

200

successful operation

4XX

failed_operation

Request samples

application/json

{"grant_type": "refresh_token",
"refresh_token": "hNTI2MTFmM2VmZDQxZTZjOWRmZmFjZmVmMGMyNGFjMzI2MGI5YzgzNmE3"
}

Response samples

application/json

{"access_token": "MDZhYzBlMGI1YzQ0ZjI1ZjYzYmUyNmMzZWQ5ZGNmOGYyNmQxMmMyMmQ2NmNiY2M3NW=",
"expires_in": 86400,
"refresh_token": "hNTI2MTFmM2VmZDQxZTZjOWRmZmFjZmVmMGMyNGFjMzI2MGI5YzgzNmE3",
"token_type": "Bearer"
}

OAuth Token Refresh

Request Body schema: application/jsonrequired

Request Body schema: application/json
required