Refresh your application's tokens

POST {{auth_url}}/oauth/token

If your application needs to call the VideoAsk API over longer periods of time without user involvement, your application can request a special refresh token during the first authentication call, then use this refresh token to obtain new access tokens without asking for user permission each time.

To receive a refresh token in the first place, your application must pass an extra offline scope during the authorization code request:

https://auth.videoask.com/authorize?response_type=code&audience=https://api.videoask.com/&client_id=${your_client_id}&scope=openid%20profile%20email%20offline_access&redirect_uri=${your_redirect_url}

If the user agrees to grant your application the required permissions, in the authorization code response to the access token exchange request, your application will receive the access_token and an extra parameter called refresh_token. You can use the value of this refresh_token parameter to obtain a new access token at any time as per RFC 6749.

curl --request POST \
  --url https://auth.videoask.com/oauth/token \
  --data-urlencode 'grant_type=refresh_token' \
  --data-urlencode 'refresh_token={your_refresh_token}' \
  --data-urlencode 'client_id={your_client_id}' \
  --data-urlencode 'client_secret={your_client_secret}' \
  --data-urlencode 'scope=openid profile email offline_access'

The response for this request is nearly identical to the response for the authorization code to the access token exchange request. A new access token will be returned in the response.

Request Body

[{"name"=>"grant_type", "value"=>"refresh_token", "datatype"=>"string"}, {"name"=>"refresh_token", "value"=>"{refresh_token}", "datatype"=>"string"}, {"name"=>"client_id", "value"=>"{your_client_id}", "datatype"=>"string"}, {"name"=>"client_secret", "value"=>"{your_client_secret}", "datatype"=>"string"}]