refreshToken #

Refreshes an authentication token:

• a valid, non-expired authentication token must be provided
• the provided authentication token is revoked
• a new authentication token is generated and returned

API Keys and token with infinite duration cannot be refreshed

---

Query Syntax #

HTTP #

Copied to clipboard!

URL: http://kuzzle:7512/_refreshToken[?expiresIn=<expiresIn>]
Method: POST

Other protocols #

Copied to clipboard!

{
  "controller": "auth",
  "action": "refreshToken",
  "expiresIn": "<expiresIn>"
}

---

Arguments #

Optional: #

• expiresIn: set the expiration duration (default: depends on Kuzzle configuration file)

• if a raw number is provided (not enclosed between quotes), then the expiration delay is in milliseconds. Example: 86400000

• if this value is a string, then its content is parsed by the ms (opens new window) library. Examples: "6d", "10h"

• cookieAuth: Enable the refresh of the token stored in the HTTP Cookie (opens new window)

  • This only works in a Browser and only if Kuzzle CORS is properly configured. see Authentication Token in the Browser

---

Response #

The result contains the following properties:

• _id: user's kuid
• jwt: encrypted authentication token, that must then be sent in the requests
• expiresAt: new token expiration date, in Epoch-millis (UTC)
• ttl: new token time to live, in milliseconds

Copied to clipboard!

{
  "status": 200,
  "error": null,
  "controller": "auth",
  "action": "refreshToken",
  "requestId": "<unique request identifier>",
  "volatile": {},
  "result": {
    "_id": "<kuid>",
    "jwt": "<JWT encrypted token>",
    "expiresAt": 1321085955000,
    "ttl": 360000
  }
}