Refresh Token
curl --request POST \
--url https://api.example.com/api/auth/refresh \
--header 'Content-Type: application/json' \
--data '
{
"refreshToken": "<string>"
}
'{
"accessToken": "<string>",
"error": "<string>",
"message": "<string>"
}Authentication
Refresh Token
Obtain a new access token using a refresh token
POST
/
api
/
auth
/
refresh
Refresh Token
curl --request POST \
--url https://api.example.com/api/auth/refresh \
--header 'Content-Type: application/json' \
--data '
{
"refreshToken": "<string>"
}
'{
"accessToken": "<string>",
"error": "<string>",
"message": "<string>"
}Refreshes an expired access token using a valid refresh token. This endpoint allows users to maintain their session without requiring them to log in again.
400 Bad Request
Authentication
No authentication required (uses refresh token in request body).Request Body
Valid refresh token obtained from the login endpoint.
Response
New JWT access token for authenticating API requests. Include this in the
Authorization header as Bearer {accessToken}.Example Request
curl -X POST https://api.contafy.com/api/auth/refresh \
-H "Content-Type: application/json" \
-d '{
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}'
Example Response
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJ1c3JfMWEyYjNjNGQ1ZTZmN2c4aCIsImlhdCI6MTcwNTMyMDAwMCwiZXhwIjoxNzA1MzIzNjAwfQ..."
}
Error Responses
Error type identifier.
Human-readable error message.
Common Errors
401 Unauthorized{
"error": "INVALID_TOKEN",
"message": "El refresh token es inválido o ha expirado"
}
{
"error": "VALIDATION_ERROR",
"message": "Refresh token es requerido"
}
Notes
- Access tokens typically expire after 1 hour
- Refresh tokens typically expire after 7 days
- When a refresh token expires, the user must log in again
- Store refresh tokens securely and never expose them in client-side code
⌘I