Refresh Token API

refresh_token

This API is used to generate a refresh token to obtain a renewed access token using client ID.

📘

Note:

You can use this API when the token generated using the Get Token API has expired. The expiry period of the token generated using this API is configurable by you (partner). The expiry period (in seconds) of the token is displayed in the expires_in parameter of the response.

Environment

Sample response
curl --request POST \
     --url https://uat-accounts.payu.in/token \
     --header 'Content-Type: application/x-www-form-urlencoded' \
     --header 'accept: application/json; charset=utf-8' \
     --data 'client_id={{client_id}}' \
     --data 'client_secret={{client_secret}}' \
     --data grant_type=refresh_token \
     --data 'refresh_token={{refresh_token}}'
Sample response

Successful transaction

{
  "access_token": "8703474d8779483d9a298666faafa1ee5c1fc24c71dc1890dc7484e19cf27c9e",
  "token_type": "Bearer",
  "expires_in": 7199,
  "refresh_token": "249fbf69a7841aa28cc494984b45efcb22537c0cedbb672c6fa18ba8eb21d8ce",
  "scope": "hub_session",
  "created_at": 1553511296,
  "user_uuid": "11e7-a7f6-f0494f6c-bbb7-4a020b6b2b14"
}

Failure scenarios

CodeReasonResponse
401without grant Type{ "error": "invalid_request", "error_description": "The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed." }
401without refresh token{ "error": "invalid_request", "error_description": "The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed." }
401with invalid client{ "error": "invalid_client", "error_description": "Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method." }
401without client secret{ "access_token": "8703474d8779483d9a298666faafa1ee5c1fc24c71dc1890dc7484e19cf27c9e", "token_type": "Bearer", "expires_in": 7199, "refresh_token": "249fbf69a7841aa28cc494984b45efcb22537c0cedbb672c6fa18ba8eb21d8ce", "scope": "hub_session", "created_at": 1553511296, "user_uuid": "11e7-a7f6-f0494f6c-bbb7-4a020b6b2b14" }
401with invalid grant type{ "error": "unsupported_grant_type", "error_description": "The authorization grant type is not supported by the authorization server." }
401invalid refresh token{ "error": "invalid_grant", "error_description": "The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client." }
Response parameters
ParametersDescription
access_tokenIndicates the Security Token used to get access in Partner/Payouts API calls.
token_typeType of authorization token
expire_inIndicates the TTL i.e., the time limit (in seconds) after which the Security Token will expire
refresh_tokenUsed to refresh the access_token. To know more, read Refresh Token section
scopeRepresents the allowed scopes in generated security token. For e.g., the generated token can be used only for Payouts API requests
created_atIndicates the Time of Creation in milliseconds
user_uuidIndicates the Unique Identifier for the user.

Request Parameters

Additional Information for Request Parameters
ParametersDescription
client_idFor getting your client ID, refer to Download Client Credentials.
client_secretFor getting your client secret, refer to Download Client Credentials.
Language
URL
Click Try It! to start a request and see the response here!