/Generate or Refresh Token
Generate or Refresh Token
This method creates or refreshes the token depending on the body of the request.
For creating new token required parameters are: grant_type, auth_req_id, and client_id
For refreshing existing token required parameters are: grant_type, refresh_token, client_id
Body Parameters
parameters client_id and client_secret should be passed in Body as
x-www-form-urlencoded parameters
| Parameter | Type | Description |
|---|---|---|
| client_id | string | The client identifier issued to the client during the registration process |
| auth_req_id | string | It is the unique identifier to identify the authentication request (transaction) made by the Client NOTE - this parameter is only used in case of CIBA |
| grant_type | string | When creating new token grant_type must be 'urn:openid:params:grant-type:ciba' or 'authorization_code', depending from where process was started. If authorization initiated from authorize endpoint then the grant_type must be 'authorization_code'. If authorization initiated from bc authorization endpoint, then the grant_type must be 'urn:openid:params:grant-type:ciba' For refresh token grant_type must be 'refresh_token' |
| code-verifier | string | The code verifier for the PKCE request, that the app originally generated before the authorization request. NOTE - this parameter is skipped in case of CIBA |
| code | string | The client will send the authorization code it obtained in the redirect NOTE - this parameter is skipped in case of CIBA |
| refresh_token | string | refresh_token parameter used when refreshing the token |
| redirect_uri | string | The redirect URL that was used in the initial authorization request NOTE - this parameter is skipped in case of CIBA |
Updated 7 months ago