Refresh Token

📘
Supported Regions and Base URLs

Client Authentication

The requests made to the token service must be signed - leveraging HTTP Basic Authentication and Base64 encoding the client_id and client_secret:

$ echo -n '<client_id>:<client_secret>' | openssl base64
PGNsaWVudF9pZD46PGNsaWVudF9zZWNyZXQ+

require 'base64'

Base64.strict_encode64('<client_id>:<client_secret>')
# PGNsaWVudF9pZD46PGNsaWVudF9zZWNyZXQ+

import base64

base64.b64encode('<client_id>:<client_secret>')
# PGNsaWVudF9pZD46PGNsaWVudF9zZWNyZXQ+

echo -n 'clientId:clientSecret' | base64

$b  = [System.Text.Encoding]::UTF8.GetBytes("clientId:clientSecret")

❗️
App Listing
To list an app on AppConnect, a signed JWT must be used for additional security when retrieving a token.

Parameter	Type	Description	Required
access_token	string	the access token	yes
token_type	string	The type of token to be specified in the authorization header. Default: `Bearer`.	yes
expires_in	integer	duration of time (seconds) the access token is granted for	yes
scope	string	A space-separated list of scopes (URL encoded) the client requested access to. If the "scope" parameter is not provided in the request body parameter, the returned value will be the list of scopes the client granted.	yes
refresh_token	string	The refresh token used to obtain another access token. Required only when using "authorization_code" and "refresh_token" grant types.	no
sid	string	The session ID of the user authenticated during the authorization code flow. Required only when using "authorization_code" and "refresh_token" grant types.	no
id_token	string	The ID token (OpenID Connect functionality to return information about the authentication performed during the authorization code flow). Required only when using "authorization_code" grant type and if "openid" scope was included in the "scope" parameter provided in the "/oauth/authorize" request query parameter.	no

Parameter	Type	Description	Required
error	string	n/a	yes
error_description	string	n/a	yes