Requesting a Refresh Token

In this scenario, CSM returns a new Refresh token and invalidates the Refresh token that was previously in use.

  1. Make an HTTP POST call to the token operation.
  2. Pass data into the request body:
    Parameter Value
    grant_type refresh_token
    client_id as configured
    refresh_token refresh token received with access token
  3. CSM validates the client ID and Refresh token using the token store.

    If the validation is successful, an Access token and new Refresh token are returned. If the validation is unsuccessful, an error is returned. The new Refresh token is the one that must be used for the next Refresh token request.

Parent topic: OAuth2 Authentication Modes
© Copyright 2018 Cherwell Software, LLC. All rights reserved.