Core
API v1.x
1

You are currently looking at the documentation of a previous version of Kuzzle. We strongly recommend that you use the latest version. You can also use the version selector in the top menu.

refreshToken #

Available since 1.7.0

Refreshes an authentication token:

  • a valid, non-expired authentication must be provided
  • the provided authentication token is revoked
  • a new authentication token is generated and returned

Query Syntax #

HTTP #

URL: http://kuzzle:7512/_refreshToken[?expiresIn=<expiresIn>]
Method: POST

Other protocols #

{
  "controller": "auth",
  "action": "refreshToken",
  "expiresIn": "<expiresIn>"
}

Arguments #

Optional: #

  • expiresIn: set the expiration duration (default: depends on Kuzzle configuration file)
  • if a raw number is provided (not enclosed between quotes), then the expiration delay is in milliseconds. Example: 86400000
  • if this value is a string, then its content is parsed by the ms library. Examples: "6d", "10h"

Response #

The result contains the following properties:

  • _id: user's kuid
  • jwt: encrypted JSON Web Token, that must then be sent in the requests headers or in the query
  • expiresAt: new token expiration date, in Epoch-millis (UTC)
  • ttl: new token time to live, in milliseconds
{
  "status": 200,
  "error": null,
  "controller": "auth",
  "action": "refreshToken",
  "requestId": "<unique request identifier>",
  "volatile": {},
  "result": {
    "_id": "<kuid>",
    "jwt": "<JWT encrypted token>",
    "expiresAt": 1321085955000,
    "ttl": 360000
  }
}