RefreshToken
API Playground
Refresh your access token using a refresh token. This allows you to obtain a new access token without requiring the user to log in again.
The current access token
The refresh token obtained from the login endpoint
Endpoint
POST https://devapi.marketiger3d.com/v2/Auth/RefreshToken
Authentication
This endpoint does not require authentication. However, you must provide a valid refresh token in the request body.
Request Body
{
"accessToken": "string",
"refreshToken": "string"
}
Request Body Schema
| Field | Type | Required | Description |
|---|---|---|---|
| accessToken | string | Yes | The current access token |
| refreshToken | string | Yes | The refresh token obtained from the login endpoint |
Example Request
curl -X POST "https://devapi.marketiger3d.com/v2/Auth/RefreshToken" \
-H "Content-Type: application/json" \
-d '{
"accessToken": "your_access_token_here",
"refreshToken": "your_refresh_token_here"
}'
fetch('https://devapi.marketiger3d.com/v2/Auth/RefreshToken', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
accessToken: 'your_access_token_here',
refreshToken: 'your_refresh_token_here'
})
})
.then(response => response.json())
.then(data => {
if (data.success) {
const newAccessToken = data.data.accessToken;
const newRefreshToken = data.data.refreshToken;
// Update stored tokens
}
})
.catch(error => console.error('Error:', error));
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "https://devapi.marketiger3d.com/v2/Auth/RefreshToken");
request.Content = new StringContent(JsonSerializer.Serialize(new {
accessToken = "your_access_token_here",
refreshToken = "your_refresh_token_here"
}), Encoding.UTF8, "application/json");
var response = await client.SendAsync(request);
var responseContent = await response.Content.ReadAsStringAsync();
var refreshResponse = JsonSerializer.Deserialize<RefreshTokenResponse>(responseContent);
if (refreshResponse.Success)
{
var newAccessToken = refreshResponse.Data.AccessToken;
var newRefreshToken = refreshResponse.Data.RefreshToken;
// Update stored tokens
}
Response
Success Response (200 OK)
{
"success": true,
"data": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refreshToken": "new_refresh_token_here"
}
}
Response Schema
| Field | Type | Description |
|---|---|---|
| success | boolean | Indicates if the request succeeded |
| data | object | Response data |
| data.accessToken | string | New JWT authentication token (Bearer token) |
| data.refreshToken | string | New refresh token for future token refreshes |
Error Response (401 Unauthorized)
{
"success": false,
"error": {
"type": "AUTHENTICATION",
"message": "Invalid or expired refresh token"
}
}
Error Codes
| Error Type | Status | Description |
|---|---|---|
| AUTHENTICATION | 401 | Invalid or expired refresh token |
Notes
- Refresh tokens expire after 12 hours
- Always store the new refresh token returned in the response
- Use the new access token for all subsequent authenticated requests
- If refresh fails, the user must log in again using the login endpoint
Best Practices
- Refresh before expiration: Implement logic to refresh tokens before they expire
- Store new tokens: Always update stored tokens with the new values from the response
- Handle failures: If refresh fails, redirect the user to the login page
- Automatic retry: Implement automatic token refresh in your HTTP client wrapper