Expand my Community achievements bar.

SOLVED

How can I get a new refresh token?

Avatar

Level 1

Using Oauth2. Is there some kind of flag I can set to get a new refresh token? Because I only get a refresh token the first time and never after that.

1 Accepted Solution

Avatar

Correct answer by
Level 10

The refresh_token is only provided on the first authorization from the user. Subsequent authorizations will not return the refresh_token again.

To get the refresh token again you need to  "Revoke Access" next to your app. first and then The next OAuth2 request you make will return a refresh_token.
This will prompt the user to authorize the application again and will always return a refresh_token

Only refresh tokens that are currently supported are the client credentials grant type, to read more click here.
Use following to get the refresh_token.

POST https://api.omniture.com/token Parameters: grant_type:authorization_code code:someauthcodehere redirect_uri:http://someuri client_id:someclientid client_secret:someclientsecret

Which returned

{ "access_token": "sometokenhere", "expires_in": 3600, "token_type": "bearer", "scope": null, "refresh_token": "somerefreshtoken", "success": true }

To refresh the token above, use below.

POST https://api.omniture.com/token Parameters: grant_type:refresh_token refresh_token:somerefreshtoken client_id:someclienthere client_secret:somesecrethere

Returns

{ "access_token": "sometokenhere", "expires_in": 3600, "token_type": "bearer", "scope": null, "success": true }

 

Regards,

Amit

View solution in original post

2 Replies

Avatar

Correct answer by
Level 10

The refresh_token is only provided on the first authorization from the user. Subsequent authorizations will not return the refresh_token again.

To get the refresh token again you need to  "Revoke Access" next to your app. first and then The next OAuth2 request you make will return a refresh_token.
This will prompt the user to authorize the application again and will always return a refresh_token

Only refresh tokens that are currently supported are the client credentials grant type, to read more click here.
Use following to get the refresh_token.

POST https://api.omniture.com/token Parameters: grant_type:authorization_code code:someauthcodehere redirect_uri:http://someuri client_id:someclientid client_secret:someclientsecret

Which returned

{ "access_token": "sometokenhere", "expires_in": 3600, "token_type": "bearer", "scope": null, "refresh_token": "somerefreshtoken", "success": true }

To refresh the token above, use below.

POST https://api.omniture.com/token Parameters: grant_type:refresh_token refresh_token:somerefreshtoken client_id:someclienthere client_secret:somesecrethere

Returns

{ "access_token": "sometokenhere", "expires_in": 3600, "token_type": "bearer", "scope": null, "success": true }

 

Regards,

Amit

Avatar

Level 1

Thanks for the terrific response Amit! What did you mean by "Revoke Access"? Is that like a button somewhere?