How to use refresh token to obtain new access token on django-oauth-toolkit?

Question

I am using django-oauth-toolkit 0.7 in my Django project for providing Oauth2 through my website.

I have followed the steps here and successfully got the access token, but I am unable to get new access token(if the access token is expired) with the refresh token.

I am able to get the access token with consumer client, but how can I get this with my url in my web site, because I am unable to see what parameters are going to my site when I try to get a new access token with refresh token.

My access and refresh tokens are like this:

{
  "access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
  "expires_in":3920,
  "token_type":"Bearer",
  "refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}

Any help would be much appreciated.

Answer 1

To get a new access_token, by using your existing refresh_token you need to send a POST request to the same url you used to get the token in the first place (/o/token/, assuming the default url). The grant_type would now be refresh_token, and you also need to authenticate with your client credentials, since you were issued some.

To summarize: curl -X POST -d "grant_type=refresh_token&client_id=<your_client_id>&client_secret=<your_client_secret>&refresh_token=<your_refresh_token>" http://localhost:8000/o/token/

If you want more information, you can checkout this link to see the relevant section of the standard.