Skip to main content
POST
/
token
/
provider
/
{provider}
Refresh OAuth2 provider tokens
curl --request POST \
  --url https://{subdomain}.auth.{region}.nhost.run/v1/token/provider/{provider} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "refreshToken": "1//0gK8..."
}
'
{
  "accessToken": "ya29.a0AfH6SMBx...",
  "expiresIn": 3599,
  "expiresAt": "2024-12-31T23:59:59Z",
  "refreshToken": "1//0gK8..."
}

Authorizations

Authorization
string
header
required

Bearer authentication with JWT access token. Used to authenticate requests to protected endpoints.

Path Parameters

provider
enum<string>
required

The name of the social provider

Available options:
apple,
github,
google,
linkedin,
discord,
spotify,
twitch,
gitlab,
bitbucket,
workos,
azuread,
entraid,
strava,
facebook,
windowslive,
twitter

Body

application/json

Provider refresh token to exchange for a new access token

Request to refresh OAuth2 provider tokens

refreshToken
string
required

OAuth2 provider refresh token obtained from previous authentication

Example:

"1//0gK8..."

Response

Successfully refreshed provider tokens

OAuth2 provider session containing access and refresh tokens

accessToken
string
required

OAuth2 provider access token for API calls

Example:

"ya29.a0AfH6SMBx..."

expiresIn
integer
required

Number of seconds until the access token expires

Example:

3599

expiresAt
string<date-time>
required

Timestamp when the access token expires

Example:

"2024-12-31T23:59:59Z"

refreshToken
string | null

OAuth2 provider refresh token for obtaining new access tokens (if provided by the provider)

Example:

"1//0gK8..."