Get Access Token By Api Refresh Token Using POST

Get Access Token By Api Refresh Token Using POST

The end-point is for exchanging organization scoped API-tokens only, that are obtained from the CSP web console.
1. Including the api_token parameter using the application/x-www-form-urlencoded format in the HTTP request body.
2. DEPRECATED: Passing the refresh_token param name, need to use api_token
3. DEPRECATED: Passing the refresh_token via query param

Access Policy

Role User Accounts Service Accounts (Client Credentials Applications)
Anonymous ✔️ ✔️
Request
URI
POST
https://{api_host}/csp/gateway/am/api/auth/api-tokens/authorize
COPY
Request Body

The application/x-www-form-urlencoded form data type.

GetAccessTokenByApiRefreshTokenRequest of mimetype application/x-www-form-urlencoded
Optional
string
passcode
Optional

The multi-factor authentication passcode from the registered multi-factor authentication (MFA) device.

string
api_token
Optional

The value of the API token.

string
refresh_token
Optional

Deprecated, need to use api_token

string
allowed_resource_scope
Optional

List of permissions with resources per service definition, which the access token will be scoped to. Accepts a valid json representation of ServicesPermissionsScopesDto class.

string
scope
Optional

The list of scopes separated by a space and is URL encoded. Scope parameter can be used to request different scopes to obtain a scoped access token

Authentication
This operation uses the following authentication methods.
Responses
200

OK

Returns AccessTokenDto of type(s) application/json 
"AccessTokenDto Object"
string
access_token
Optional

The access token. This is a JWT token that grants access to resources.

string
token_type
Optional

The type of the token.

string
issued_token_type
Optional

An identifier for the representation of the issued security token.

string
id_token
Optional

The ID Token is a signed JWT token returned from the authorization server and contains the user's profile information, including the domain of the identity provider. This domain is used to obtain the identity provider URL. This token is used for optimization so the application can know the identity of the user, without having to make any additional network requests. This token can be generated via the Authorization Code flow only.

string
refresh_token
Optional

The value of the Refresh token.

integer As int64 As int64
expires_in
Optional

Access token expiration in seconds.

string
scope
Optional

The scope of access needed for the token


400

Invalid request body | In case of expired refresh_token.

Returns CspErrorResponse of type(s) application/json 
"CspErrorResponse Object"
string
cspErrorCode
Optional

cspErrorCode

string
message
Optional

message

string
errorCode
Optional

errorCode

string
requestId
Optional

requestId

integer As int32 As int32
moduleCode
Optional

moduleCode

integer As int32 As int32
statusCode
Optional

statusCode


404

The requested resource could not be found

Returns CspErrorResponse of type(s) application/json 
"CspErrorResponse Object"
string
cspErrorCode
Optional

cspErrorCode

string
message
Optional

message

string
errorCode
Optional

errorCode

string
requestId
Optional

requestId

integer As int32 As int32
moduleCode
Optional

moduleCode

integer As int32 As int32
statusCode
Optional

statusCode


409

The request could not be processed due to a conflict

Returns CspErrorResponse of type(s) application/json 
"CspErrorResponse Object"
string
cspErrorCode
Optional

cspErrorCode

string
message
Optional

message

string
errorCode
Optional

errorCode

string
requestId
Optional

requestId

integer As int32 As int32
moduleCode
Optional

moduleCode

integer As int32 As int32
statusCode
Optional

statusCode


429

The user has sent too many requests

Returns CspErrorResponse of type(s) application/json 
"CspErrorResponse Object"
string
cspErrorCode
Optional

cspErrorCode

string
message
Optional

message

string
errorCode
Optional

errorCode

string
requestId
Optional

requestId

integer As int32 As int32
moduleCode
Optional

moduleCode

integer As int32 As int32
statusCode
Optional

statusCode


500

An unexpected error has occurred while processing the request

Returns CspErrorResponse of type(s) application/json 
"CspErrorResponse Object"
string
cspErrorCode
Optional

cspErrorCode

string
message
Optional

message

string
errorCode
Optional

errorCode

string
requestId
Optional

requestId

integer As int32 As int32
moduleCode
Optional

moduleCode

integer As int32 As int32
statusCode
Optional

statusCode


Code Samples
COPY 
                    curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/x-www-form-urlencoded' -d '{}' https://{api_host}/csp/gateway/am/api/auth/api-tokens/authorize
On This Page
Authentication Operations
POST
Get Identity Provider Logout Url Using POST
POST
Get Identity Provider Logout Url V2 Using POST
GET
Get Public Key Using GET
GET
Get Json Web Keys Using GET
POST
Revoke Token Using POST
POST
Get Access Token By Api Refresh Token Using POST
POST
Get Api Token Details Using POST
POST
Get Token Introspection Details Using POST
POST
Get Token For Authorization Grant Type Using POST