POST
/refresh-token
Refresh JWT token
Authentication
Description
Exchange an expired (or valid) JWT token and a refresh token for a new JWT and refresh token pair.
The old refresh token is invalidated after use (single-use).
Send the JWT in the Authorization header and the refresh token in the request body.
Parameters
Authorization
string
header
required
Bearer token (can be expired)
Request Body
requiredapplication/json
refresh_tokenstringrequired
The refresh token received from signin or a previous refresh
Example:
dGhpcyBpcyBhIHNhbXBsZSByZWZyZXNoIHRva2VuResponses
200
Token refreshed successfully
application/jsonstatusstring
Example:
successmessagestring
Example:
Token refreshed successfullytokenstring
New JWT token for authentication (valid for 24 hours)
refresh_tokenstring
New refresh token (old one is invalidated)
401
Invalid or missing token/refresh token
application/json
403
Account disabled
application/jsonExample:
{
"status": "error",
"message": "This account is disabled"
}