Refreshing an Access Token

Due to the limited access token lifetime of 86400 seconds (24 hours), the client has to request a new access token as soon as the access token expired. This can be done by using the following token endpoint.

 

Access Token Endpoint

Access Token Refresh Request

HTTP Method

POST

URL

https://api.home-connect.com/security/oauth/token

Request Header

  • Content-Type: application/x-www-form-urlencoded

Body Parameters

  • client_secret [optional]: generated client secret (see Applications) Please note that this parameter is required for the authorization code grant flow.
  • grant_type [mandatory]: must be refresh_token
  • refresh_token [mandatory]: returned by previous token response
  • scope [optional]: can be used to reduce the original set of permissions. If not defined, the original scope will be kept.
  • state [optional]: can be used to store client state information
client_secret={client_id}&grant_type=refresh_token&refresh_token={refresh_token}&scope={scope}&state={state}

 

Access Token Refresh Response

The request will return the new access token in the HTTP body.

HTTP Status Code

Code Short Description Long Description
200 OK Request succeeded
400 Bad Request see Authorization Errors
403 Forbidden see Authorization Errors
415 Unsupported Media Type The request's Content-Type is not supported, expected: application/x-www-form-urlencoded
503 Service Unavailable see Authorization Errors

Response Header

  • Content-Type: application/json

Response Parameters

  • id_token [mandatory]: same as access token
  • access_token [mandatory]: token to be used in subsequent Home Connect API requests
  • expires_in [mandatory]: expiration time of the access token and id_token in seconds, default: 86400
  • scope [mandatory]: permissions requested by the client application separated by space
  • refresh_token [mandatory]: refresh token (expires if it wasn't used within 2 months)
  • token_type [mandatory]: type of the token, currently always Bearer
  • state [optional]: state provided by the client in the request

Example


{
    "id_token": "{id_token}",
    "access_token": "{access_token}",
    "expires_in": 86400,
    "scope": "{scope}",
    "refresh_token": "{refresh_token}",
    "token_type": "Bearer",
    "state": "{state}"
}