Applying Refresh Token
After user authentication is completed, both the access token and refresh token will be returned. When the access token expires, you can use the refresh token to obtain a new access token.
Example request:
Parameters with details:
client_secret
String
Required
Scenario I. Higher-Security (Client Password Required)
1. Client Password registered with digiRunner; needs to be encoded with Base64
2. Concatenate the client ID with ":" and the encoded client password, then encode the result with Base64 again to generate the value to be used
3. Example:
Client ID: tspclient
Client Password: tsp123abcd
Formula for generating the value:
Base64 Encode(ClientID+":"+Base64 Encode(Client Password))
Base64 Encode(tspclient+":"+Base64 Encode(tsp123abcd))
Base64 Encode(tspclient:dHNwMTIzYWJjZA==)
Output for client_secret:
dHNwY2xpZW50OmRITndNVEl6WVdKalpBPT0=
Scenario II. PKCE + Public Client (Client Password Not Required)
When the Public Client (With PKCE) option is selected in digiRunner's OAuth grant type, the client password is not required.
1. Concatenate the client ID with ":" (no client password is required)
2. Example:
Client ID: tspclient
Client Password: ""
Formula for generating the value:
Base64 Encode(ClientID+":")
Base64 Encode(tspclient+":")
Base64 Encode(tspclient:)
Output for client_secret:
dHNwY2xpZW50Og==
grant_type
String
Required
refresh_token, a fixed value
refresh_token
String
Required
Refresh Token, associated with the access token that requires refreshing
If the refresh token has expired, you must prompt the user to log in again to generate a new access token.
Example of Successful Response
If the refresh is successful, a new access token will be returned.
Example:
Example of Error Response
If the refresh token has expired, a 401 Unauthorized HTTP status code and JSON response will be returned.
Example:
Was this helpful?