Skip to content

Commit 1e33382

Browse files
DorthuDorthu
committed
Include required grant_type parameter in docs for refreshing oauth tokens
This parameter is required for the refresh request to succeed, but is absent from the documentation at present.
1 parent 9a6a640 commit 1e33382

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

openapi.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,7 @@ info:
8484
| 4. The login server redirects the user to the specificed redirect URL with a temporary authorization `code` (exchange code) in the URL. | 4. The login server redirects the user back to your application with an OAuth `access_token` embedded in the redirect URL's hash. This is temporary and expires in two hours. No `refresh_token` is issued. Therefore, once the `access_token` expires, a new one will need to be issued by having the user log in again. |
8585
| 5. The application issues a POST request (*see below*) to the login server with the exchange code, `client_id`, and the client application's `client_secret`. | |
8686
| 6. The login server responds to the client application with a new OAuth `access_token` and `refresh_token`. The `access_token` is set to expire in two hours. | |
87-
| 7. The `refresh_token` can be used by contacting the login server with the `client_id`, `client_secret`, and `refresh_token` to get a new OAuth `access_token` and `refresh_token`. The new `access_token` is good for another two hours, and the new `refresh_token`, can be used to extend the session again by this same method. | |
87+
| 7. The `refresh_token` can be used by contacting the login server with the `client_id`, `client_secret`, `grant_type`, and `refresh_token` to get a new OAuth `access_token` and `refresh_token`. The new `access_token` is good for another two hours, and the new `refresh_token`, can be used to extend the session again by this same method. | |
8888

8989
### OAuth Private Workflow - Additional Details
9090

@@ -103,6 +103,7 @@ info:
103103

104104
| PARAMETER | DESCRIPTION |
105105
|-----------|-------------|
106+
| grant_type | The grant type you're using for renewal. Currently only the string "refresh_token" is accepted. |
106107
| client_id | Your app's client ID. |
107108
| client_secret | Your app's client secret. |
108109
| code | The code you just received from the redirect. |

0 commit comments

Comments
 (0)