[POST] Get Refresh Token
- Que Nguyen
Table of Contents
Changelogs
Version | Date | Changes by | Description of change |
V1.0 | April 10, 2024 | Que Nguyen |
|
V1.0.1 | May 30, 2024 | Que Nguyen |
|
Release status
Environment | Status | Released Date | Version |
DEV | Released | April 10, 2024 | V1.0.1 |
UAT | RELEASED | April 17, 2024 | V1.0 |
PROD | RELEASED | May 15, 2024 | V1.0 |
The Token resource
The primary resource that you will be interacting with when retrieving the authorization token.
AccessToken text User access token Token lifetime: Authentication | Access Token: |
RefreshToken text User refresh token. Using in API “GET Refresh Token” Token lifetime: Authentication | Refresh Token: |
ExpiresIn int Token’s expired time in second |
TokenType text Type Identifier: |
Scope text Collection of scopes granted for this user access token. |
{
"AccessToken": "{{AccessToken}}",
"RefreshToken": "{{RefreshToken}}",
"ExpiresIn": "3600",
"TokenType": "Bearer",
"Scope": "REConnect_api REDEX_api REHash_api"
}API Definitions
POST /public/v2/connect/token/refresh
Request Header
Content-Type |
|
Request Payload
RefreshToken (required) text
|
GrantType (required) text Grant type: |
ClientId (required) text System / App / Platform unique identifier Max length: 36 |
ClientSecret (required) text System / App / Platform secret Max length: 36 |
curl -X POST 'https://uat-api.redex.eco/public/v2/connect/token/refresh' \
-H 'Content-Type: application/json' \
-D '{
"RefreshToken": "4d7869f0-71cc-43d8-8b82-1f87db6eda2f",
"GrantType": "refresh_token",
"ClientId": "3Yj1rQvcDGYXqXtaxDNyWaNkWPUAwJ",
"ClientSecret": "fNDq3vGM26wzOqr9OMUXQkxdG5J3$o"
}'Response
Response Body |
Data object Return Token Resource above 返回上面的Token资源 |
Errors list of error objects Please see "Getting Started - #Error Object" for more details 请查看Getting Started - #Error Object以获得更多信息。 |
Meta null object Return null object |
StatusCode integer Http Status codes standard. Example http状态码,如200,201,404 |
Message text Response message: Success or error message. 返回成功或错误的信息。 |
200 Success
{
"Data": {
"AccessToken": {{AccessToken}},
"RefreshToken": {{RefreshToken}},
"ExpiresIn": "3600",
"TokenType": "Bearer",
"Scope": "REConnect_api REDEX_api REHash_api"
},
"Errors": null,
"StatusCode": 200,
"Message": "Return tokens successfully",
"Meta": null
}
401 Unauthorized
Rate limit
Rate Limit Algorithm: Fixed Window
In fixed window rate limiting, a fixed time window (e.g., one minute, one hour) is used to track the number of requests or actions allowed within that window. Requests exceeding the limit are either rejected or throttled until the window resets.
Rate Limiting Overview
Our API employs rate limiting to ensure fair usage and protect the performance and availability of the service. Combination of Global Policy and Operation Policy
Global Policy
Rate Limit: 3000 requests per 5 minute(s)
Renewal Period: 300 second(s)
Key: IP Address
Increment Condition: Any Request
Operation Policy
Rate Limit: 10 requests per 1 minute(s)
Renewal Period: 60 second(s)
Key:
RefreshTokenthe refresh token from request body.Increment Condition: Any Request
Rate Limit Details
Rate Limit by Key:
Key: This ensures that rate limits are applied uniquely for each refresh token.
Request Limit: Each key is allowed to make up to 10 requests per minute
Reset Interval: The limit resets every 60 seconds
Response Headers:
Retry-After: Sent when the rate limit is exceeded, indicating how long to wait before making another request.
Exceeding the Rate Limit
When the rate limit is exceeded, the API will return a 429 Too Many Requests status code. The response will include a Retry-After header specifying the number of seconds to wait before making a new request.
Example Response When Rate Limit is Exceeded