Using the Regeneration Token (Refresh Token)

Owned by esnata (Unlicensed)
Last updated: Jun 30, 2021
2 min read

The access token has a limited lifetime (passed in the expires_in parameter). When authorizing public (public) and password-authorized (password_credentials) PBX applications, it is possible to regenerate the access token using the refresh token. This approach allows you to get a new access token after the old one expires without the user's participation, since the regeneration of the access token using the regeneration token does not require any actions from the user. For PBX applications of the trusted type, there is no regeneration token.

The regeneration token also has a limited lifetime, and if the regeneration of the token failed (the system will respond to the request with the code 401 and the message "invalid_grant" in the error field), the PBX application must re-authorize.

To get an access token using the regeneration token, the PBX application must make a POST request to the URL https://<hostname>/oauth/token. The parameters are passed in the request body in the application/x-www-form-urlencoded format.

POST https://<hostname>/oauth/token

Request parameters

Parameter

Description

Parameter

Description

grant_type

Must always have the value refresh_token

refresh_token

The refresh_token value obtained with the token to be regenerated

redirect_uri

The URI that the system will use to send the response. Must match the one specified when creating the PBX application

client_id

App ID generated when creating the PBX app

client_secret

App Secret generated when creating the PBX app

Response parameters

Parameter

Description

Parameter

Description

access_token

Access token. Used by the PBX application for API requests

expires_in

The time period, in seconds, during which the token is valid. If an authorization error occurred while using the token, it is recommended to request the token again, even if the time specified in the expires_in field has not yet passed before the token expires

token_type

The token type is always set to Bearer

refresh_token

Refresh token, which can be used to regenerate the access token when it has become invalid

Example:

curl -L -X POST 'https://<hostname>/oauth/token' \ -H 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=refresh_token' \ --data-urlencode 'refresh_token=L40pLFI9hgoРlp0lFHNAvPUt0К9K0С' \ --data-urlencode 'client_id=a80f1e618ddd4d4584e2bd18fd464194' \ --data-urlencode 'client_secret=a2423941f5be408c998d5f7287570990' \ --data-urlencode 'redirect_uri=https://testsite.com'

System response:

{   "access_token": "pyt4ZUcLWc2FP3t10OJUN2N4Xh2qes",   "token_type": "Bearer",   "expires_in": 3600,   "refresh_token": "L40pLFI9hgoРlp0lFHNAvPUt0К9K0С" }

 

← API Requests with an Access Token