This API is used to generate a refresh token to obtain a renewed access token using client ID.
Note:
You can use this API when the token generated using the Get Token API has expired. The expiry period of the token generated using this API is configurable by you (partner). The expiry period (in seconds) of the token is displayed in the expires_in parameter of the response.
Environment
| Test | https://uat-accounts.payu.in |
| Production | https://accounts.payu.in |
Request parameters
| Parameter | Description | Example |
|---|---|---|
| client_ID mandatory | StringThis parameter will contain the public Client ID. | 6f8bb4951e030d4d7349e64a144a53477 8673585f86039617c167166e9154f7e |
| client_secret optional | StringThis parameter will contain the client secret. | |
| grant_type mandatory | StringThis parameter will contain the value as refresh_token. | refresh_token |
| refresh_token mandatory | String Indicates the refresh token. This is the token that was generated using the Get Access Token - WhatsApp. | Β |
Sample request
curl --location -g --request POST 'https://uat-accounts.payu.in/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id={{client_id}}' \
--data-urlencode 'client_secret={{client_secret}}' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token={{refresh_token}}'
Response parameters
| Parameters | Description |
|---|---|
| access_token | Indicates the Security Token used to get access in Partner/Payouts API calls. |
| token_type | Type of authorization token |
| expire_in | Indicates the TTL i.e., the time limit (in seconds) after which the Security Token will expire |
| refresh_token | Used to refresh the access_token. To know more, read Refresh Token section |
| scope | Represents the allowed scopes in generated security token. For e.g., the generated token can be used only for Payouts API requests |
| created_at | Indicates the Time of Creation in milliseconds |
| user_uuid | Indicates the Unique Identifier for the user. |
Sample response
Successful transaction
Success
{
"access_token": "8703474d8779483d9a298666faafa1ee5c1fc24c71dc1890dc7484e19cf27c9e",
"token_type": "Bearer",
"expires_in": 7199,
"refresh_token": "249fbf69a7841aa28cc494984b45efcb22537c0cedbb672c6fa18ba8eb21d8ce",
"scope": "hub_session",
"created_at": 1553511296,
"user_uuid": "11e7-a7f6-f0494f6c-bbb7-4a020b6b2b14"
}
Failure scenarios
| Code | Reason | Response |
|---|---|---|
| 401 | without grant Type | { "error": "invalid_request", "error_description": "The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed." } |
| 401 | without refresh token | { "error": "invalid_request", "error_description": "The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed." } |
| 401 | with invalid client | { "error": "invalid_client", "error_description": "Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method." } |
| 401 | without client secret | { "access_token": "8703474d8779483d9a298666faafa1ee5c1fc24c71dc1890dc7484e19cf27c9e", "token_type": "Bearer", "expires_in": 7199, "refresh_token": "249fbf69a7841aa28cc494984b45efcb22537c0cedbb672c6fa18ba8eb21d8ce", "scope": "hub_session", "created_at": 1553511296, "user_uuid": "11e7-a7f6-f0494f6c-bbb7-4a020b6b2b14" } |
| 401 | with invalid grant type | { "error": "unsupported_grant_type", "error_description": "The authorization grant type is not supported by the authorization server." } |
| 401 | invalid refresh token | { "error": "invalid_grant", "error_description": "The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client." } |