Application Integration (On-Premises) : Integration Server Built-In Services : OAuth Folder : pub.oauth:refreshAccessToken
pub.oauth:refreshAccessToken
Requests a refresh token from the authorization server. If the authorization server issued a refresh token to the client with the initial request, the client can use this service to submit a token refresh request when that initial refresh token expires.
Input Parameters
grant_type
String Specify the type of grant flow required by the client.
For refresh tokens, you must specify refresh_token.
refresh_token
String Refresh token issued to the client by the authentication server.
scope
String Optional. Specify the name of one or more scopes required by the client. Use a space to separate multiple scopes.
The value for scope must match or be a subset of the value you provided for the pub.oauth:authorize and pub.oauth:getAccessToken services.
The scope of the refresh token can be smaller than the original request. It cannot contain any scope tokens that were not in the original request.
Output Parameters
access_token
String The access token issued by the authorization server.
token_type
String The type of access token issued by the authorization server. The value is Bearer.
expires_in
String The number of seconds for which the access token is valid.
refresh_token
String The refresh token issued by the authorization server. You can use this token to obtain new access tokens using the same authorization grant.
scope
String Conditional. The name of the scopes requested by the client.
Usage Notes
This service is used with authorization grant flows only.
This service must be invoked using HTTPS unless the Require HTTPS setting on the Security > OAuth > Edit OAuth Global Settings page is disabled.
Clients must invoke this service via an HTTP POST request.
Confidential clients must authenticate requests by supplying their credentials in the HTTP Authorization header.
When Integration Server acts as the authorization server, the token_type output parameter is always Bearer. The authorization server retains the information about the bearer tokens it issues, including the user information. When the client presents a bearer token to the resource server, the resource server checks with the authorization server to see whether the user is allowed to access the requested folders and services.
Copyright © 2015- 2017 Software AG, Darmstadt, Germany. (Innovation Release)

Product LogoContact Support   |   Community   |   Feedback