Requesting an access_token using the refresh_token is similar to other requests to the /token endpoint. This time, though, the grant_type is refresh_token, and the refresh_token is sent instead of the code.

• Send a POST request to https://gateway.remote.com/auth/oauth2/token
• Include the authorization header with basic authentication encoded with Base64:
  • Encode in Base64 both credentials separated by a colon (:) as shown here — <client_id>:<client_secret>
  • Use the header Authorization: Basic <client_id_and_client_secret_encoded_in_base64>
• Include the Content-Type: application/x-www-form-urlencoded header in the request
• In the payload, you need to fill the grant type:
  • grant_type filled with refresh_token — it's a constant value
  • refresh_token filled with the refresh token **previously stored in the client

Request example

Assuming your CLIENT_ID=your_client_id and CLIENT_SECRET=your_client_secret, an example of what your request should look like is shown below.

$ echo -n "your_client_id:your_client_secret" | base64
eW91cl9jbGllbnRfaWQ6eW91cl9jbGllbnRfc2VjcmV0

$ curl --location \\
       --request POST '<https://gateway.remote.com/auth/oauth2/token>' \\
       --header 'Authorization: Basic eW91cl9jbGllbnRfaWQ6eW91cl9jbGllbnRfc2VjcmV0' \\
       --header 'Content-Type: application/x-www-form-urlencoded' \\
       --data-urlencode 'grant_type=refresh_token' \\
       --data-urlencode 'refresh_token=84224550-dc8f-4153-a7cd-4f38c7ef90da'

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJo...",
  "refresh_token": "84224550-dc8f-4153-a7cd-4f38c7ef90da",
  "expires_in": 3600,
  "token_type": "Bearer"
}