Refresh Tokens
Obtaining an access token via the OAuth 2.0 Authorization Code grant flow offers a refresh token. Whilst access tokens expire after just 1 hour, a refresh token expires after 60 days and may be used to obtain a fresh access token.
Using a refresh token
You may exchange a refresh_token
for an access_token
by making a POST
request to the following
URL
POST https://{account}.evance.me/admin/oauth/token.json
Replace {account}
with the unique identifier for correct Evance Account.
Your post request must include the following parameters in the body of the request:
grant_type
Must have a value of refresh_token . |
refresh_token
The refresh token previously issued to the client. |
scope
Optional. The requested scope must not include scopes additional to those in the original access_token token
request.
|
client_id
Your App's Client ID from your API Credentials. |
client_secret
Your App's secret key - equivalent to a password. |
A successful request will receive a JSON response from the server similar to the following:
{
"access_token": "43e213757dd5a224ace6ffc22b8c436219c5830b",
"expires_in": 3600,
"token_type": "Bearer",
"scope": null,
"refresh_token": "59461d2abd392f2c6fd36de836f0660ac6214ee5"
}
Your new access token will expire after 1 hour and you will be issued with a new refresh token which replaces supersedes the refresh token used for this request.