Difference between revisions of "Refresh Token"

From MgmtWiki
Jump to: navigation, search
(Solutions)
(Solutions)
Line 12: Line 12:
 
==Solutions==
 
==Solutions==
 
The [[Refresh Token]] can be used to renew an expired [[Grant]] by going back to a database to assure that the [[User]] that issued the [[Grant]] has not issued a [[Revocation]].
 
The [[Refresh Token]] can be used to renew an expired [[Grant]] by going back to a database to assure that the [[User]] that issued the [[Grant]] has not issued a [[Revocation]].
 +
 +
===CURL Refresh===
 +
Following is the curl call to refresh access token if it is expired. Thanks to  Brady Fausett.
 +
 +
Token Refresh CURL Example:BB_SERVER="<BB2 sandbox or prod URL>"
 +
BB_CLIENT_ID="<your app's client ID>"
 +
BB_CLIENT_SECRET="<your app's client SECRET>"REFRESH_TOKEN="<your refresh token associated with a previously granted access token>"curl -s -w "%
 +
{http_code}" -X POST "${BB_SERVER}/v1/o/token/" \
 +
    -u "${BB_CLIENT_ID}:${BB_CLIENT_SECRET}" \
 +
    -d "grant_type=refresh_token&client_id=${BB_CLIENT_ID}&refresh_token=${REFRESH_TOKEN}"EXAMPLE RETURN FROM CURL COMMAND:    {"access_token":
 +
"wlRtbVkXzUdE9Kcjc8wWnpRmJ7KuuC", "expires_in": 36000, "token_type": "Bearer", "scope": "patient/ExplanationOfBenefit.read patient/Coverage.read",
 +
"refresh_token": "gzKxj0JkKamuaOWZRaIAJyfL3e9CZW", "patient": "-19990000000003"}200
  
 
==References==
 
==References==

Revision as of 12:50, 11 November 2021

Full Title or Meme

As used in this wiki a Refresh Token is one that is issued together with some sort of Grant that allows the holder of the Grant to request a new one when it expires.

Context

The Refresh Token is a means to maintain a Grant or Authorization to access a Resource over time that enables Revocation of the Grant by the owner of the Resource.

Problems

Solutions

The Refresh Token can be used to renew an expired Grant by going back to a database to assure that the User that issued the Grant has not issued a Revocation.

CURL Refresh

Following is the curl call to refresh access token if it is expired. Thanks to Brady Fausett.

Token Refresh CURL Example:BB_SERVER="<BB2 sandbox or prod URL>"
BB_CLIENT_ID="<your app's client ID>"
BB_CLIENT_SECRET="<your app's client SECRET>"REFRESH_TOKEN="<your refresh token associated with a previously granted access token>"curl -s -w "% 
{http_code}" -X POST "${BB_SERVER}/v1/o/token/" \
   -u "${BB_CLIENT_ID}:${BB_CLIENT_SECRET}" \
   -d "grant_type=refresh_token&client_id=${BB_CLIENT_ID}&refresh_token=${REFRESH_TOKEN}"EXAMPLE RETURN FROM CURL COMMAND:    {"access_token": 
"wlRtbVkXzUdE9Kcjc8wWnpRmJ7KuuC", "expires_in": 36000, "token_type": "Bearer", "scope": "patient/ExplanationOfBenefit.read patient/Coverage.read", 
"refresh_token": "gzKxj0JkKamuaOWZRaIAJyfL3e9CZW", "patient": "-19990000000003"}200

References