POST v1/Authenticate/2FA/Refresh

Provides a new access token given the refresh token

URI template

v1/Authenticate/2FA/Refresh

Request Information

URI Parameters

None.

Body Parameters

Name	Description	Type	Additional information
RefreshToken	Refresh token used to generate a new Access Token	string	Required

Request Formats

application/json, text/json

Sample:

{
  "RefreshToken": "sample string 1"
}

application/xml, text/xml

Sample:

<InRefreshAccessToken xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/OnlineOrderingAPI.Inbound">
  <RefreshToken>sample string 1</RefreshToken>
</InRefreshAccessToken>

Response Information

Resource Description

A Http status code of 200 with access token information and id_token containing customer information base64 encoded are returned if refresh token is valid.
A Http status code of 404 if refresh token is invalid.
A Http status code of 403 if user account is locked.
A Http status code of 500 if access token refresh failed.
A Http status code of 400 if request body is invalid.

RefreshAccessTokenResult

Name	Description	Type	Additional information
access_token	The token required for all authenticated calls. Expires after expires_in_seconds seconds have elapsed	string	None.
refresh_token	This token is used to request a new access_token when the previous one expires	string	None.
expires_in_seconds	The number of seconds until the access_token expires	decimal number	None.
id_token	Customer information base64 encoded e.g. Id, LoyaltyId etc. This string will always be deserializable as a valid json object and the "path" to CustomerId, LoyaltyId etc. will never change. Making it a string allows us to add extra pieces of information if necessary for folks who might need them, without breaking our contract with everyone else	string	None.

Response Formats

application/json, text/json

Sample:

{
  "access_token": "eyJFbmNyeXB0ZWREYXRhIjoiN1BndHpFbXVTcE1xYUZ2djZlRzFKQUVNUlNDdmtPK1dNWGJVU1diSTlPVVp3bkNGbWlHQ29yWmJTcEdnaUdIdklaR1ZVVFl0eDg0ODM1K1V1MHUxYllRVGhySlo3NUZVN05BYXJwVkxuUGhPRENFd3VDOU9jVFIrV3NHOHZxdnJVRVRCa2dWNnRiS1Z6UllGemhwY0VyNXJwU3NNK2p5MG03VGQvMUJVQXRLVGYzcjVHQVhJL3VVWktUSDlETlc0UXI2WDZrb1V2ekc2dlBuTXVhdXpoUT09IiwiSXYiOiJxMmFwRVY3amZrZy9VUEhWbW5kZmhBVVJqamw1TlUvSXNoSStnM0NaMlZnPSJ9",
  "refresh_token": "eyJFbmNyeXB0ZWREYXRhIjoienNKR1JYb1h0azExNlV3T282SGM0bjc0dTFSYUZwc29KT2dkVm85VnRUST0iLCJJdiI6IlpvWG02WVZtTE5ROVBZVFk1WHd2eWtBdEJRM0pWNE9xMER3YnlZYmo0RlU9In0=",
  "expires_in_seconds": 1800.0,
  "id_token": "eyJDdXN0b21lcklkIjoiOGY1OWU4NGQtMzk5Yi00YjYyLWJiMmMtNTUyYWRkMjExMTZjIiwiTG95YWx0eUlkIjoiIn0="
}

id_token:

Decoded

json query:

Result:

{Results of your json query will appear here}

application/xml, text/xml

Sample:

<RefreshAccessTokenResult xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/OnlineOrderingAPI.Models.v1.Response">
  <access_token>eyJFbmNyeXB0ZWREYXRhIjoiN1BndHpFbXVTcE1xYUZ2djZlRzFKQUVNUlNDdmtPK1dNWGJVU1diSTlPVVp3bkNGbWlHQ29yWmJTcEdnaUdIdklaR1ZVVFl0eDg0ODM1K1V1MHUxYllRVGhySlo3NUZVN05BYXJwVkxuUGhPRENFd3VDOU9jVFIrV3NHOHZxdnJVRVRCa2dWNnRiS1Z6UllGemhwY0VyNXJwU3NNK2p5MG03VGQvMUJVQXRLVGYzcjVHQVhJL3VVWktUSDlETlc0UXI2WDZrb1V2ekc2dlBuTXVhdXpoUT09IiwiSXYiOiJxMmFwRVY3amZrZy9VUEhWbW5kZmhBVVJqamw1TlUvSXNoSStnM0NaMlZnPSJ9</access_token>
  <expires_in_seconds>1800</expires_in_seconds>
  <id_token>eyJDdXN0b21lcklkIjoiOGY1OWU4NGQtMzk5Yi00YjYyLWJiMmMtNTUyYWRkMjExMTZjIiwiTG95YWx0eUlkIjoiIn0=</id_token>
  <refresh_token>eyJFbmNyeXB0ZWREYXRhIjoienNKR1JYb1h0azExNlV3T282SGM0bjc0dTFSYUZwc29KT2dkVm85VnRUST0iLCJJdiI6IlpvWG02WVZtTE5ROVBZVFk1WHd2eWtBdEJRM0pWNE9xMER3YnlZYmo0RlU9In0=</refresh_token>
</RefreshAccessTokenResult>