Core
API v2.x
2

refreshToken #

Refreshes an authentication token:

  • a valid, non-expired authentication token must be provided
  • the provided authentication token is revoked
  • a new authentication token is generated and returned

API Keys and token with infinite duration cannot be refreshed


Query Syntax #

HTTP #

Copied to clipboard!
URL: http://kuzzle:7512/_refreshToken[?expiresIn=<expiresIn>]
Method: POST

Other protocols #

Copied to clipboard!
{
  "controller": "auth",
  "action": "refreshToken",
  "expiresIn": "<expiresIn>"
}

Arguments #

Optional: #

  • expiresIn: set the expiration duration (default: depends on Kuzzle configuration file)

  • if a raw number is provided (not enclosed between quotes), then the expiration delay is in milliseconds. Example: 86400000

  • if this value is a string, then its content is parsed by the ms library. Examples: "6d", "10h"

  • cookieAuth: Enable the refresh of the token stored in the HTTP Cookie


Response #

The result contains the following properties:

Copied to clipboard!
{
  "status": 200,
  "error": null,
  "controller": "auth",
  "action": "refreshToken",
  "requestId": "<unique request identifier>",
  "volatile": {},
  "result": {
    "_id": "<kuid>",
    "jwt": "<JWT encrypted token>",
    "expiresAt": 1321085955000,
    "ttl": 360000
  }
}