Using the Regeneration Token (Refresh Token)
The access token has a limited lifetime (passed in the expires_in parameter). When authorizing public (public) and password-authorized (password_credentials) PBX applications, it is possible to regenerate the access token using the refresh token. This approach allows you to get a new access token after the old one expires without the user's participation, since the regeneration of the access token using the regeneration token does not require any actions from the user. For PBX applications of the trusted type, there is no regeneration token.
The regeneration token also has a limited lifetime, and if the regeneration of the token failed (the system will respond to the request with the code 401 and the message "invalid_grant" in the error field), the PBX application must re-authorize.
To get an access token using the regeneration token, the PBX application must make a POST request to the URL https://<hostname>/oauth/token. The parameters are passed in the request body in the application/x-www-form-urlencoded format.
|
Request parameters
Parameter | Description |
---|---|
grant_type | Must always have the value refresh_token |
refresh_token | The refresh_token value obtained with the token to be regenerated |
redirect_uri | The URI that the system will use to send the response. Must match the one specified when creating the PBX application |
client_id | App ID generated when creating the PBX app |
client_secret | App Secret generated when creating the PBX app |
Response parameters
Parameter | Description |
---|---|
access_token | Access token. Used by the PBX application for API requests |
expires_in | The time period, in seconds, during which the token is valid. If an authorization error occurred while using the token, it is recommended to request the token again, even if the time specified in the expires_in field has not yet passed before the token expires |
token_type | The token type is always set to Bearer |
refresh_token | Refresh token, which can be used to regenerate the access token when it has become invalid |
Example:
curl -L -X POST 'https://<hostname>/oauth/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token=L40pLFI9hgoРlp0lFHNAvPUt0К9K0С' \
--data-urlencode 'client_id=a80f1e618ddd4d4584e2bd18fd464194' \
--data-urlencode 'client_secret=a2423941f5be408c998d5f7287570990' \
--data-urlencode 'redirect_uri=https://testsite.com'
System response:
{
"access_token": "pyt4ZUcLWc2FP3t10OJUN2N4Xh2qes",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "L40pLFI9hgoРlp0lFHNAvPUt0К9K0С"
}
← API Requests with an Access Token