Skip to main content
Skip table of contents

Refresh token

When Client applications connect to the NAGRA OPF Platform to gain service, access is gated via an initial authentication of identity which yields an identity Access Token and a Refresh Token.

  • The Access Token is limited to a small value, typically one hour
  • The Refresh Token is more durable, for example up to 48 hours

When a Client discovers their Access Token has expired, the Refresh Token is submitted. The Account and Device status are verified that they are still valid, and if so, both the Access Token and the Refresh Token are re-issued and sent in response to the Client. The Client then updates its Token store and uses the Access Token as usual. When the new Access Token expires, the cycle is repeated. If the Refresh Token is found to have expired, the Client will be directed back to credentials sign-on as all information would be too old to trust.

Request

Send a POST request to:

XML 

POST ias/v2/token?grant_type=refresh_token&refresh_token={JWT decoded token}
Click here for a diagram showing the flow of calls and responses for various use cases.


Response

JS 
{ 
  "access_token": { 
 "typ": "DevAuthN",
 "ver": "1.0",
 "exp": 1523634252680,
 "tenantId": "nagra",
 "accountId": "account_123",
 "userId": "Alex999",
 "deviceId": "client_id_1",
 "jti": "398a9926-bd59-44d2-9a83-b954e74587f5",
 "geoBlockExempt":false,
 "countryCode": "UK" },
 "refresh_token":{ "typ":"RefreshAuthN",
 "ver":"1.0", "exp":1465526662,
 "fixed_exp":1475526662,
 "tenantId":"tenant_123",
 "accountId": "account_123",
 "userId": "user_123",
 "deviceId":"device_123" },
 "client_id": "client_id_1",
 "accountId": "account_123",
 "token_type": "bearer",
 "expires_in": 3600,
 "refresh_expires_in":172800,
 "fixed_refresh_expires_in":7776000
}
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close