Use a previously obtained refresh token to generate a new access token. Access tokens expire after 6 hours, so if you need offline access to data in Rhythm, you'll need to store the refresh token you get when initiating your OAuth integration, and use that to generate a new access token once the initial access token expires. Refresh tokens never expire, but is one time use only. When a new access token is generated, a new refresh token is generated along side, and must be used when this new access token expires.
HTTP Methods: POST
Content Type: application/x-www-form-urlencoded
Response Format: json
Requires Authentication? Yes
Note: Rhythm access tokens will fluctuate in size as we change the information that is encoded the tokens. We recommend allowing for tokens to be up to 300 characters to account for any changes we may make.
- Grant Type grant_type=refresh_token Used in the request body
The grant type of the request, must be authorization_code for the initial request to get the access and refresh tokens.
- Client Id: client_id=x
The Client ID of your app.
- Client Secret: client_secret=x Used in the request body
The Client Secret of your app.
- Refresh Token: refresh_token=x Used in the request body
The refresh_token that was returned along with a previous generated access token. Note that refresh tokens are one time use only. Once a refresh token is used to generate a new access token, it will be rejected if it is used again.