Refresh Token
admin.auth.session.refresh
The access token is valid for 15 mins, however, the refresh token has an expiry time of typically 1 day. The access token should be used in all subsequent API calls to identify the client application.
When the access token expires, the client must call this API to obtain a new access token. The refresh token received in the request object is validated before the generation of new access token. If the validation fails, the A2003(401) unauthorized is sent in the status code and the user is logged out.
Token hotlisting
Under extraordinary circumstances such as a compromised client, refresh token can be hotlisted. Once hotlisted, the refresh and access token will be denied access to make further API calls. Please reach out to support@indee.tv with your hotlisting request.
Endpoint
POST v1/admin/auth/refreshHTTP Headers
| Header | Value |
|---|---|
| Authorization | Bearer api_key. |
Request Body
{
"refresh_token": <str> #JWT
}| Parameter | Type | Requirement | Description |
|---|---|---|---|
refresh_token |
String | Required | The refresh token represents its namesake as defined in OAuth 2.0. |
Response Body
{
"status_code": "A0000",
"status_message": "success",
"token": <str>, #JWT
}| Field | Type | Description |
|---|---|---|
status code |
String | Status code provided by Indee. |
status_message |
String | Message body of the status code. |
token |
String | The auth token in OAuth 2.0 nomenclature. |
Error Codes
Indee provides a comprehensive list of Error Codes. To know more, see Common Error and Success Codes.