Requesting an access_token
using the refresh_token
is similar to other requests to the /token
endpoint. This time, though, the grant_type
is refresh_token
, and the refresh_token
is sent instead of the code
.
POST
request to https://gateway.remote.com/auth/oauth2/token
<client_id>:<client_secret>
Authorization: Basic <client_id_and_client_secret_encoded_in_base64>
Content-Type: application/x-www-form-urlencoded
header in the requestgrant_type
filled with refresh_token
— it's a constant valuerefresh_token
filled with the refresh token **previously stored in the clientAssuming your CLIENT_ID=your_client_id
and CLIENT_SECRET=your_client_secret
, an example of what your request should look like is shown below.
$ echo -n "your_client_id:your_client_secret" | base64
eW91cl9jbGllbnRfaWQ6eW91cl9jbGllbnRfc2VjcmV0
$ curl --location \\
--request POST '<https://gateway.remote.com/auth/oauth2/token>' \\
--header 'Authorization: Basic eW91cl9jbGllbnRfaWQ6eW91cl9jbGllbnRfc2VjcmV0' \\
--header 'Content-Type: application/x-www-form-urlencoded' \\
--data-urlencode 'grant_type=refresh_token' \\
--data-urlencode 'refresh_token=84224550-dc8f-4153-a7cd-4f38c7ef90da'
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJo...",
"refresh_token": "84224550-dc8f-4153-a7cd-4f38c7ef90da",
"expires_in": 3600,
"token_type": "Bearer"
}