Once you have received a device token, you can renew the session using the refresh_token
. You have received it with the original token.
The endpoint to request the OAuth token is POST /oauth/token
. You need to pass the vendor client credentials, and the refresh token, but not the device code. The grant type is refresh_token
.
Request
POST /oauth/token HTTP/1.1
Host: connect-testing.secuconnect.com
Content-Type: application/json
Accept: application/json
{
"grant_type"
:
"refresh_token"
,
"client_id"
:
"611c00ec6b2be6c77c2338774f50040b"
,
"client_secret"
:
"dc1f422dde755f0b1c4ac04e7efbd6c4c78870691fe783266d7d6c89439925eb"
,
"refresh_token"
:
"d3aece0996cee981609cab15653db0e9bc9ef804"
}
If the everything is fine, the API responds with 200 OK
, and some data:
Response
HTTP/1.1 200 OK
Content-Type: application/json
...
{
"access_token"
:
"01g5prsq95pkq67pik7dh7vq22"
,
"expires_in"
: 1200,
"token_type"
:
"bearer"
,
"scope"
:
null
}
You will receive the OAuth access token (line 6) as before. There is no refresh token, since it stays unchanged for the current session.