OpenID Connect Access Token Refresh
  • 01 Jul 2024
  • 1 Minute to read
  • Dark
    Light

OpenID Connect Access Token Refresh

  • Dark
    Light

Article summary

Issue a POST to /idp/profile/oidc/token with the following parameters.

Parameter

Type

Description

grant_type

String required

“refresh_token”

refresh_token

String required

The refresh token value received in the Token Response

scope

String optional

Space-delimited API scopes, defaults to whatever scope was originally granted.

client_id

String optional

Your Client ID. This is required if HTTP Basic Authentication is not used

client_secret

String optional

Your Client Secret. This is required if HTTP Basic Authentication is not used

As shown in the above table, HTTP Basic Authentication may be used instead of providing client_id and client_secret as request parameters.  In that case the Client ID should be used as the username and the Client Secret should be used as the password.

Assuming the request is valid the Authorization Server will generate new Access ID and Refresh tokens and return a response in the same format as the Token Response.


Was this article helpful?

ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence