Refresh OAuth 2.0 Access Token


Use a previously obtained refresh token to generate a new access token.  Access tokens expire after 6 hours, so if you need offline access to data in Rhythm, you'll need to store the refresh token you get when initiating your OAuth integration, and use that to generate a new access token once the initial access token expires. Refresh tokens never expire, but is one time use only. When a new access token is generated, a new refresh token is generated along side, and must be used when this new access token expires.

Method Details

HTTP Methods: POST

Content Type: application/x-www-form-urlencoded

Response Format: json

Requires Authentication? Yes

Headers User-Agent

Note: Rhythm access tokens will fluctuate in size as we change the information that is encoded the tokens. We recommend allowing for tokens to be up to 300 characters to account for any changes we may make.

Required Parameters

  • Grant Type grant_type=refresh_token Used in the request body

The grant type of the request, must be authorization_code for the initial request to get the access and refresh tokens.

  • Client Id: client_id=x

The Client ID of your app.

  • Client Secret: client_secret=x Used in the request body

The Client Secret of your app.

  • Refresh Token: refresh_token=x Used in the request body

The refresh_token that was returned along with a previous generated access token. Note that refresh tokens are one time use only. Once a refresh token is used to generate a new access token, it will be rejected if it is used again.