post https://uat-accounts.payu.in/token
refresh_token
This API is used to generate a refresh token to obtain a renewed access token using client ID.
Note:
You can use this API when the token generated using the Get Token API has expired. The expiry period of the token generated using this API is configurable by you (partner). The expiry period (in seconds) of the token is displayed in the expires_in parameter of the response.
Environment
| Test | https://uat-accounts.payu.in |
| Production | https://accounts.payu.in |
Sample response
curl --request POST \
--url https://uat-accounts.payu.in/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'accept: application/json; charset=utf-8' \
--data 'client_id={{client_id}}' \
--data 'client_secret={{client_secret}}' \
--data grant_type=refresh_token \
--data 'refresh_token={{refresh_token}}'
Sample response
Successful transaction
{
"access_token": "8703474d8779483d9a298666faafa1ee5c1fc24c71dc1890dc7484e19cf27c9e",
"token_type": "Bearer",
"expires_in": 7199,
"refresh_token": "249fbf69a7841aa28cc494984b45efcb22537c0cedbb672c6fa18ba8eb21d8ce",
"scope": "hub_session",
"created_at": 1553511296,
"user_uuid": "11e7-a7f6-f0494f6c-bbb7-4a020b6b2b14"
}
Failure scenarios
| Code | Reason | Response |
|---|---|---|
| 401 | without grant Type | { "error": "invalid_request", "error_description": "The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed." } |
| 401 | without refresh token | { "error": "invalid_request", "error_description": "The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed." } |
| 401 | with invalid client | { "error": "invalid_client", "error_description": "Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method." } |
| 401 | without client secret | { "access_token": "8703474d8779483d9a298666faafa1ee5c1fc24c71dc1890dc7484e19cf27c9e", "token_type": "Bearer", "expires_in": 7199, "refresh_token": "249fbf69a7841aa28cc494984b45efcb22537c0cedbb672c6fa18ba8eb21d8ce", "scope": "hub_session", "created_at": 1553511296, "user_uuid": "11e7-a7f6-f0494f6c-bbb7-4a020b6b2b14" } |
| 401 | with invalid grant type | { "error": "unsupported_grant_type", "error_description": "The authorization grant type is not supported by the authorization server." } |
| 401 | invalid refresh token | { "error": "invalid_grant", "error_description": "The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client." } |
Response parameters
| Parameters | Description |
|---|---|
| access_token | Indicates the Security Token used to get access in Partner/Payouts API calls. |
| token_type | Type of authorization token |
| expire_in | Indicates the TTL i.e., the time limit (in seconds) after which the Security Token will expire |
| refresh_token | Used to refresh the access_token. To know more, read Refresh Token section |
| scope | Represents the allowed scopes in generated security token. For e.g., the generated token can be used only for Payouts API requests |
| created_at | Indicates the Time of Creation in milliseconds |
| user_uuid | Indicates the Unique Identifier for the user. |
Request Parameters
Additional Information for Request Parameters
| Parameters | Description |
|---|---|
| client_id | For getting your client ID, refer to Download Client Credentials. |
| client_secret | For getting your client secret, refer to Download Client Credentials. |