Obtain an Access Token from a Refresh Token

In a previous article, you learned to generate both refresh and access tokens. This article documents the call to be used to obtain access tokens at regular, short intervals.


curl --location --request POST '{{hostname}}/oauth/token' \
     --header 'authorization: Basic base64encode({{clientid:clientsecret}})' \
	 --header 'cache-control: no-cache' \
	 --header 'content-type: application/x-www-form-urlencoded' \
	 --data-urlencode 'grant_type=refresh_token' \
	 --data-urlencode 'refresh_token={{refresh token}}'

Hostname

In {{hostname}}, enter your SearchUnify instance URL.

Headers

The call requires three headers.

Header	Value	Type
`authorization`	Client ID and client secret encoded in base 64. Details on: Get Client ID and Client Secret with an API App	String
`cache-control`	Always `no-cache`	String
`content-type`	Always `application/x-www-form-urlencoded`, else an error will be thrown. See: Content Type Error.	String

Parameters

There are two parameters in the call.

Parameter	Value	Type
`grant_type`	Always `refresh_token`	String
`refresh_token`	The refresh token obtained from the first curl call. Details on: Get Access and Refresh Token Using curl	String

Content Type Error

There will be a 404 error.


{ 
    "statusCode": 400, 
    "status": 400,
    "code": 400, 
    "message": "Invalid request: content must be application/x-www-form-urlencoded", 
	"name": "invalid_request" }

Last updated: Wednesday, April 10, 2024

Or, send us your review at help-feedback@searchunify.com