Refresh a token

POST https://{community-domain}/t5/s/api/2.1/auth/refreshToken

Refresh a token used with OAuth 2.0 authentication

Details

Used to refresh an OAuth access token. An access token is valid for 24 hours before it expires. Refresh the token within that time period with a POST call to /auth/refreshToken and passing the refresh_token received in the response from POST /auth/accessToken. Otherwise, the user will go through the authentication flow again.

When you pass the refresh_token, the Authorization Service issues a new access token and (optionally) a new refresh token. Store the new refresh token in case you need it for subsequent refreshes. By default, the refresh token expires in 30 days. To change the expiry duration, contact Support.

By default, you'll be issued the same refresh token originally returned from POST /auth/accessToken. However, you can force the authentication service to generate a new refresh token by sending the optional force_refresh parameter.