Refresh Token

Owned by WayGee Ho (Unlicensed)
Last updated: Aug 20, 2022 by Jonathan Cohen
1 min read

Refresh Token

When the refresh id or access token is needed it can be done by using an already saved refreshToken.
To refresh token Client API should call POST https://stage-account.usta.com /oauth2/token endpoint with the next params (by x-www-form-urlencoded format):

  • client_id = {clientId}

  • grant_type = refresh_token

  • refresh_token = {refreshToken}

and pass API Client credentials by standard Basic Authentication header
Base64encoded: {clientId}:{secret}

EXAMPLE OF REQUEST

curl --location --request POST 'https://stage-account.usta.com/oauth2/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Authorization: Basic MzBwazRuMzBzNXRpNjV1NGpoaTJ2M2tham06MTBvc3FvcDc5aG1zdmw4cGF2OHVyamVtaWhmMTgwcDA3NnBqM2NuaTZmbWM2NGlhNmt0Mg==' \ --data-urlencode 'grant_type=refresh_token' \ --data-urlencode 'client_id=30pk4n30s5ti65u4jhi2v3kajm' \ --data-urlencode 'refresh_token=eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.Kb8KcXJJZ_goZOeJJW5cZRmiEdaiuB19-zQXsk9gsA2gJ9Uo3xWMS4WkqDX31jujlws7QYqhBr9OohCrqIDx0qVKBCVGjurJSJLQjW2ciCJ7zWeYkFxTKVZbgAf_2i2zp1HkycUlBuOp_9klMigISWjaGZfY5CHagazzipn67ZvTuouqZ8pvIhg-78u15ot-aysXsE4vPVRW2DpY4nUvIgWVGr-gj4zOysJ8l3sM1gpbt5x-4T65kCZiUyswsDFl_u75E6QnP2cDOV76rvTF99mG1fQgsDztasYtc3b-rR-sHBdQnz3lHbqL8NVVBXG0YyKESJsecnW5aeBtYe_Uvw.3pg-9cQeZAhQ0aQ1.U6TKP6YkvT5l7TSclKRLxlZLHnnbaPzhR-S8MuNvUaZTSSEDF9vMeJ65iWIMRI1ysbWnl9mcg65cxYil7WeqALuQrBgYQv6Cepb80dG_of2laJGVIZF99Awdm_ArSeMYGbHkHkFrkbwEpczeW75pkWD5AzeT92Ph15hTTGsBc1R5bqRZceyZATvRO-r3P5ISbyu4lJ2UaBsoFGh0paOuuLeq7d7MO3AnahqV3QabJLpTtJZlopq9iTUpxlNnhimBeNKJnVbBhDM-B2hGzBEA2BynueJ-wP3D9-tabiVuxMIsh2Hqg4VRozwmY5y7mi4iIdxBId9v7KoeyEXSDxgJ-yUg2PXjPZVgujB3eFpfg2WBXhAEHckPVJyjo-F3mKsWFiU71CFkcoHvRnpqN0NJJ0uobafb4z6daYJtS9M1hB-aiklQt-C_M_4mHcxCHAMYqPc6LbRBqBC4V_L2UN_n0sV5m8UMSy-hnbjZaj8NK3pwTgj29LmvCVpsaDHEQnZXGHopQVloO4N5Pc433RzksGDUI8HfWGilkndMhUHpPPsEENifEr_999qYX-3cPnyvAhe3Q2ht13K6XrzQYOHgxnHJ5U5HduHmH5Zhs4XJWiEFE1v4hv9MiDb8Z8Do-Xl6TgU5JF5Gos7ivHI9aiwZqW2RZkrI1aL_C3hdZB3cdo7GGvOZW3sdk6ZueKmM8PUzOkBc-BlJMsJEvOn7cvIJAhtgjwToC-C0VDTSg_ZdUBNaP1ugVGlu_KeEGDKor-b2-GVlQxtZPr_OXNgpvWcEsKUwAwT-Xpl7XlKzOMlmxOxMBGseO1lZOJ9G2lrz1YLhkzgU-MVlmlD3P3YkSDLJ_QTXw3lAiLx5wqHkmapCr4X8hjV-CwJFQeVa_ACnVNv2DhenW3U0S6TlWrrNa43r4hjbA7A3Pi8lr6nrT1hskwLwuj7mSFpGWJuZjp0O0rPFbaYt4a_uyAqyJnORPgwZnO2je92oMB0M37su8wd_xfe_AqQcYQhIVveu7-g0JDUUVcyyrdBkjJgNQ_C9QT7-Z0RvB03bAOEXrdqRLntoA0qR_pDGDvdnSf4oPbRffqdRcdh6WF8TD9Q8fVDwxr4YWE0fsuwVTbt_xdayqjlC2ztBJ9e1IsytHbksaea1r11993rGk87wVrgdsEFsSkwiq5ihP6wXrjLIQ6oy3H6rgCRjqyyDwzvW1cvDzVfYgZaC3Cm13msAME1GwZX63BH6BVQbBSQtIfbGOdgFMleTpAtn4hcALGSu8YJjRqYyi0olBOFOfIBIMTvKZSM7cQKqmoOKMyQnDGFfkdkzEG7Vyrf26L41zcpLM-sAK46k3Ilp9N1Jz7kW_U7YUfVy-j51HgVfxlH_7NIhmFHOH4Xj5LuSpTMdFdvxuGQfKYisjIjsEywtZdzzbNbTl5tQ5IlpoZIxo31tvgO6O_eQMteLlqBTmxJ-mB8AO9akcQupIDvDC0HC6VbrkP1lOECg-4qYqQB_2WL23KB9Oz-Ij7N-wB2praA1PnC6OjWwQyPLwmGnpie9tkFJ3thVRGWZHNHDxD9Cc9ZciaQ.LaCwKUWt3cyxyQIvaHWIuw'

EXAMPLE OF RESPONSE

{ "id_token": "eyJraWQiOiJCaVRJbkU4c1YzZDkyRnNhejFjS1FlckVIXC9OU3Y5a0YzY2FabWNSY3ZSdz0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOF84TjRVX2VDdFRKUWtUTk1zQmYxdyIsInVhaWQiOiIyMDE3MDA4MDQ1Iiwic3ViIjoiNmRkMWNiZDctY2QxMi00MDM4LTlhNDAtYmU3YmM5ZjA0OTgwIiwiYXVkIjoiMzBwazRuMzBzNXRpNjV1NGpoaTJ2M2tham0iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1ODQwMjI5OTgsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTEuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0xX0ZJekpWQnJsTCIsImNvZ25pdG86dXNlcm5hbWUiOiI2ZGQxY2JkNy1jZDEyLTQwMzgtOWE0MC1iZTdiYzlmMDQ5ODAiLCJleHAiOjE1ODQwMjY2MzAsImlhdCI6MTU4NDAyMzAzMCwiZW1haWwiOiJuZXd1c2VyMDYwM0BtYWlsaW5hdG9yLmNvbSJ9.L4JPAdq9CWDjetX9Mhhbqk1a2xnwKuPM6PFZ8c0FvY6gAksg6Xy5pRWJ4CozMCKtfY05XbVXPkLr9sTEzROSQ8CzSWeDC3gi7V2pK6ZWMdUG49-tizqyTssQ45OnR91C1WyaXv21QjisNw50QIqw5-N6T-UxoUcaqIOlwMfsVbDK0eHPuzFrOmWQxE02hKjwMNQfoILNZEm_baMpvfGN3eAHTpQ0l-b-m8G7pcumZuZPeiucpBWNluRDOXcqf8LCdehWwUqkfsOKlXJGeuAlQE6GdfSBfscGd27ewTDFj0qtsAOFD_WIF18TcGbwaF9_BoqkKZyiRPpNaq4koQdTig", "access_token": "eyJraWQiOiJCS3ViejVJeDhGOGNadHBJRTI4MjFqTkZFQlUzWGRYN29qdjNKWGV5RXpnPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI2ZGQxY2JkNy1jZDEyLTQwMzgtOWE0MC1iZTdiYzlmMDQ5ODAiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6ImFwaS1jdXN0b21lclwvY3VzdG9tZXI6cmVhZF91bmJvdW5kIG9wZW5pZCBhcGktY29tbW9uXC9yZWZlcmVuY2UuZGF0YTpyZWFkIHByb2ZpbGUgYXBpLWZhY2lsaXR5XC9mYWNpbGl0eTpyZWFkX3VuYm91bmQgYXBpLW9yZ2FuaXphdGlvblwvb3JnYW5pemF0aW9uOnJlYWRfdW5ib3VuZCBlbWFpbCBhcGktY3VzdG9tZXJcL2N1c3RvbWVyOnJlYWQiLCJhdXRoX3RpbWUiOjE1ODQwMjI5OTgsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTEuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0xX0ZJekpWQnJsTCIsImV4cCI6MTU4NDAyNjYzMCwiaWF0IjoxNTg0MDIzMDMwLCJ2ZXJzaW9uIjoyLCJqdGkiOiI3Y2FiZTYxMC1hMjc2LTRmOWUtYTUwZC04MzA4YWNiZWUyNDgiLCJjbGllbnRfaWQiOiIzMHBrNG4zMHM1dGk2NXU0amhpMnYza2FqbSIsInVzZXJuYW1lIjoiNmRkMWNiZDctY2QxMi00MDM4LTlhNDAtYmU3YmM5ZjA0OTgwIn0.ENJ2Zg4iJeTP7NUDXhS-7VIJgE2kKWldTpHb7smR4RS5vvm8SfEK26GjkEDJ_BsBAbUOc7uVHvYMJZAabVysSs6S_FxgZHTptVrLDp6kH3XR-WS41GC_wiZS_aBUz4dLqZcxJvNpIj-_7lVOHLI0I9Vlf3Lsjv1pIpNGRNtE28JCgEncZW7riVBeAIuHDODYD5CrtwpvmHzEwCSxlA5fQPr7KE1Co5zd7GWbL3EOnrIzcsNsioEolLHYkV2CFjpjJ7rCmj45fT4n-yG7yYh32VOcezBU1QM94j5w9NO_E0gnhQ5gXHA5PYpSfXc1xn7W4ckJXJmbmdZ5zC9CxA1z_Q", "expires_in": 3600, "token_type": "Bearer" }

The refresh token cannot be refreshed - it is obtained once during login process and it is valid for 30 days.

 

Clients should save tokens for future usage:
refresh_token - can be saved on the server-side in session or other safe storage, must not be passed to the browser