Skip to main content
POST
/
token
Refresh access token
curl --request POST \
  --url https://{subdomain}.auth.{region}.nhost.run/v1/token \
  --header 'Content-Type: application/json' \
  --data '
{
  "refreshToken": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24"
}
'
{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "accessTokenExpiresIn": 900,
  "refreshTokenId": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
  "refreshToken": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
  "user": {
    "avatarUrl": "https://myapp.com/avatars/user123.jpg",
    "createdAt": "2023-01-15T12:34:56Z",
    "defaultRole": "user",
    "displayName": "John Smith",
    "emailVerified": true,
    "id": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
    "isAnonymous": false,
    "locale": "en",
    "metadata": {
      "firstName": "John",
      "lastName": "Smith"
    },
    "phoneNumberVerified": false,
    "roles": [
      "user",
      "customer"
    ],
    "email": "[email protected]",
    "phoneNumber": "+12025550123",
    "activeMfaType": "<string>"
  }
}

Body

application/json

Refresh token to exchange for a new access token

Request to refresh an access token

refreshToken
string
required

Refresh token used to generate a new access token

Example:

"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24"

Response

Access token successfully refreshed

User authentication session containing tokens and user information

accessToken
string
required

JWT token for authenticating API requests

Example:

"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

accessTokenExpiresIn
integer<int64>
required

Expiration time of the access token in seconds

Example:

900

refreshTokenId
string
required

Identifier for the refresh token

Example:

"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24"

refreshToken
string
required

Token used to refresh the access token

Example:

"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24"

user
object

User profile and account information