Learn how to obtain a new access token using your previously obtained refresh token
When you obtain an access_token, you have 30 minutes to use it until it expires. But hold on! You don't need to follow the 4 steps from the previous page all over again. Instead you can use the refresh_tokenthat was included in the response.
Making a Refresh Request
Similar to the access token request, client must make a POST request to the /oauth/token endpoint using the application/x-www-form-urlencodedformat with the following properties.
| Property | Required | Allowed Values | Explanation |
|---|---|---|---|
grant_type | YES | refresh_token | Informs the server that a refresh request is being sent |
refresh_token | YES | The refresh token you got when obtaining an access token | Used to obtain a new access token |
client_id | YES | Refer to Registering a Client | Informs the server of which client is trying to refresh their access token |
Example
Below is an example refresh request written in cURL but you can use any language of your choice.
curl 'http://your-ohrm-url.com/web/index.php/oauth2/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=your_client_id' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token=your_refresh_token'
Refresh Response
The response from the endpoint will be similar to the response you got when obtaining an access token.
{
"token_type": "Bearer",
"expires_in": 1800,
"access_token": "your_access_token",
"refresh_token": "your_refresh_token"
}
Note that this will issue a new access token and new refresh token and revoke the previous tokens.
Well done! You have refreshed your access token successfully