API :: Refresh token

The access token can expire. When it happens, the application must require a new token using the refresh token.

For refreshing the token, the client application needs to access /oauth/token URL with the grant type refresh_token:

  "client_id": $CLIENT_ID,
  "client_secret": $CLIENT_SECRET,
  "redirect_uri": $CALLBACK_URL,
  "grant_type": "refresh_token",
  "refresh_token": $REFRESH_TOKEN

It will return a JSON bringing the following keys:

  "access_token": "the access token",
  "token_type": "bearer",
  "expires_in": "how much seconds to expire",
  "refresh_token": "the refresh token",
  "scope": "profile (maybe invite too)",
  "created_at": "when it was created",
  "api_token": "PW1 API token"