Access Token generation from Refresh Token
To generate access token from request token use the following request,
getAccessToken
POST
The token_type can be of two values user session or company session. If the authorization request was for the company session creation then the token_type value is for the company or if the authorization request was for the user session creation then the toke_type value is for the user.
Path Parameters
Name | Type | Description |
---|---|---|
refresh_token | string | The value refresh_token must be sent because of the action by the client for refreshing the token |
grant_type | string | Although OAuth supports different grsnt_type values. The value supported by Xoxoday are authorization_code and refresh token |
client_id | string | This is the client_id value that you received after the client registration |
client_secret | string | This is the client_secret value that you received after the client registration |
User access_token and refresh_token:
The user
access_token
is generated based on the company access token.The default user session lasts for 15 days.
refresh_token
is the value with which the client can regenerate the expiredaccess_token
.For the user session, therefresh_token
lasts for 30 days.
Company access_token and refresh token:
The default company session lasts for 30 days.
refresh_token
is the value with which the client can regenerate expiredaccess_token
. Thisrefresh_token
for the company, the session lasts for 60 days.
Note: In the above response refresh_token is newly generated again. So client-server must replace the old refresh token with this new refresh token.
Last updated