1. Token
  • Overview
  • Application Guides
    • Frontend
      • Get Started - React App
      • Get Started - HTML and JS
      • Get Started - Angular JS
      • Get Started - Next JS App
    • Backend
      • Get Started - Node JS
      • Get Started - Golang
      • Get Started - ASP.NET
      • Get Started - JAVA
  • Dashboard
    • API Credentials
    • Organization
    • Social Login
    • Customize Email Template
    • Configure Custom Domain
    • IT Admin Portal
  • Authentication
    • Login Widget
    • Magic Link
    • Google Social Login
    • Multi-Factor Authentication
    • Single Sign-On Overview
    • Setup SSO Connection
  • Security
    • Overview
    • Authentication
      • Password Hashing and Storage
      • Multi-Factor Authentication Methods and Implementation
      • Session Management
    • Attack Protection
      • Bot Detection
      • Breached Password Detection
      • Brute Force Protection
      • Log Events
      • Secure JSON Web Tokens (JWT)
      • Secure OpenID Connect (OIDC)
      • Suspicious IP Throttling
    • Data Security
      • Data Encryption At Rest and In Transit
      • Secure Storage of Secrets (Keys, Credentials)
      • Sensitive Data Handling
    • Infrastructure
      • Security Considerations for Cloud Provider or Deployment Model
      • Threat Modeling
  • API References
    • Authentication
      • MagicLink
        • Email a Magic Link
        • Resend Email Magic Link
        • Verify Magic Link
        • Ping Status
      • Magic Auth Code
        • Email a Magic Auth Code
        • Resend Magic Auth Code
        • Verify Magic Auth Code
      • Phone Authentication
        • Send Magic Auth Code via SMS
        • Resend Magic Auth Code via SMS
        • Phone Magic Auth Verify
      • PassKey
        • Initiate Passkey Login
        • Passkey Registration Initialize
        • Finish Passkey Authentication
        • Complete Passkey Registration
        • Check User Passkey Authentication Status
        • List User PassKey Credentials
        • Update Passkey Name
        • Delete Associated Passkey
      • GET Auth Status
    • Token
      • Refresh Token
        GET
      • Access Token By Auth Code
        GET
    • Mutli-Factor Authentication (MFA)
      • MFA Access Token
      • List of Authenticators
      • MFA Enroll TOTP
      • Initiate MFA
      • QR Code Image API
      • Validate MFA Token
      • Get Backup Code
    • Role And Permission
      • List All Roles
      • List All Permission
      • Create New Role
      • Update Existing Role
      • Update Permission By Permission Id
      • Remove Organization Role By Role Id
      • Remove Organization Permission By Permission Id
    • User Management
      • List All Users
      • GET User By User Id
      • GET User by User Email Address
      • Create a User
      • Update User by User Id
      • Verify User Status By User Id
      • Delete User By User Id
      • Manage User Roles
      • GET Users Organizations
      • GET User Login Logs
    • Organization
      • Add New Organization
      • Get Organization
      • Get All Organization
      • Update Organization
      • Delete Organization
      • GET Configuration By Client Id
      • GET Configuration By Custom Domain
  1. Token

Refresh Token

GET
https://api.ssojet.com/api/v1/accesstoken/refresh

Access Token Refresh#

This endpoint is used to exchange a refresh token for a new access token. Refresh tokens are single use, so a new refresh token is returned

Request#

Method: GET
URL: https://api.ssojet.com/api/v1/accesstoken/refresh
Query Parameters:
client_id (string, required): The client ID for authentication.
refresh_token (string, required): The refresh token to be used for generating a new access token.

Response#

The response will be a JSON object with the following schema:
{
  "type": "object",
  "properties": {
    "authenticated": {
      "type": "boolean"
    },
    "oauth": {
      "type": "object",
      "properties": {
        "access_token": {
          "type": "string"
        },
        "refresh_token": {
          "type": "string"
        },
        "expires_at": {
          "type": "string"
        },
        "token_type": {
          "type": "string"
        }
      }
    },
    "user": {
      "type": "object",
      "properties": {
        "created_at": {
          "type": "string"
        },
        "updated_at": {
          "type": "string"
        },
        "issuer": {
          "type": "string"
        },
        "user_id": {
          "type": "string"
        },
        "identifier": {
          "type": "string"
        },
        "email": {
          "type": "string"
        },
        "last_login_at": {
          "type": "string"
        }
      }
    }
  }
}

Response Status Code#

200 OK: Magic link sent successfully.
400 Bad Request: Invalid email format.
500 Internal Server Error: An error occurred while processing the request.

Request

Query Params
client_id
string 
required
This identifies the application making the request to the SSOJET server. You can find your client ID on the API Keys page in the dashboard
Example:
string
refresh_token
string 
required
User Refresh Token value
Example:
string
Header Params
User-Agent
string 
required
Example:
SSOJET API
Content-Type
string 
optional
Default:
application/json

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request GET 'https://api.ssojet.com/api/v1/accesstoken/refresh?client_id=string&client_id=&refresh_token=string' \
--header 'User-Agent: SSOJET API' \
--header 'User-Agent;' \
--header 'Content-Type: application/json'

Responses

🟢200Token
application/json
Body
authenticated
boolean 
required
oauth
object 
required
access_token
string 
required
refresh_token
string 
required
expires_at
string 
required
token_type
string 
required
user
object 
required
created_at
string 
required
updated_at
string 
required
issuer
string 
required
user_id
string 
required
identifier
string 
required
email
string 
required
last_login_at
string 
required
Example
{
  "authenticated": true,
  "oauth": {
    "access_token": "FJXgRqCdV1bW1lRmn26F3xQr30FzhFTiGNqFRRASIJ4dXKKmaFKDOtLDTfo2u38-eJL4AWGiw8pyIkvjS6YwqID4yQc74P36M_Ouc-WJRA_nJvRgff1EEyMSY-OPcF6BnIEBIoa296NAbcjgwqOC4NdLIlvTI9ydhzNVfay_5ISUM_7v_16a6mDDDUJaI4-6j5n_WZ8RWb0TxBpi2DZizvhcm43jZMikyKrIT9AtQklCf03bDgNrXMXZXPONoNDFyVffnANOETil2saNdSSZwno2fnhuxPLuBFBPOKi-48KrUyFEvkuDrA5TBZ94G-yVIgZtcU2-IrQ",
    "refresh_token": "8OVbvLf8mQYSR3Y7yhCHqqZcJUlKtm6xhiKLQWAP4_oWImg7fEmj0RrDQfRSasVaIonDa3X_v-vQ7eRIcGAYjaLXoSq3ONaDlrokA_qKayf_HAlt_jaCctnJ7itVKDvMd5v6VeK7uR3RgtcboeKNuQxQ1W9EbZELra75ktAUIHK9fc7ihJiKlOkwryLs8zW2rn4ZkKM0_KSSnc7W7OpM0OW-qO0DG0H6nR25Y2DDPhwXo1wB7HoZU_OGFqwaq5PwwBmucfGiLuM27Bb9q4hqQ0hfb4YDPTanggxG859sffIbD6afb2aqPD9JjBu7QKaDONLv9HLBh2w",
    "expires_at": "2024-02-12T10:09:07+05:30",
    "token_type": "Bearer"
  },
  "user": {
    "created_at": "2024-02-12T04:06:34.015Z",
    "updated_at": "2024-02-12T04:09:07.592Z",
    "issuer": "ssojet",
    "user_id": "65c9994acc29c09b2e54e649",
    "identifier": "ankurgupta0287@gmail.com",
    "email": "ankurgupta0287@gmail.com",
    "last_login_at": "2024-02-12T04:09:07.592Z"
  }
}
Modified at 2024-07-22 11:12:11
Previous
GET Auth Status
Next
Access Token By Auth Code
Built with