Refresh token issued by oAuth, no details in documentation on how to use

[Anaerin]

When using the Authorization code flow, I'm issued both an authorization token and a refresh token. Nowhere in the documentation is this refresh token mentioned, nor is it defined when either token expires.

It would be very nice to be a little more verbose with the token issuance (like StreamTip does, for example):

With the authorization_code sent back with the user, you can exchange it for an access token with a POST request to the following endpoint: URL:

https://streamtip.com/api/oauth2/token

POST Data:

client_id=client_id &client_secret=client_secret &grant_type=authorization_code &redirect_uri=redirect_uri &code=authorization_code

Response:

{ "access_token" : "access_token", "refresh_token" : "refresh_token", "token_type" : "bearer", "expires_in" : 86400 }

The generated access_token will expire after 1 day, at which point it will need to be regenerated with the refresh_token. If a refresh_token is not used for 30 days, it is expired and the user will need to reauthorize your application. URL:

https://streamtip.com/api/oauth2/token

POST Data:

client_id=client_id &client_secret=client_secret &grant_type=refresh_token &redirect_uri=redirect_uri &refresh_token=refresh_token

Response:

{ "access_token" : "access_token", "refresh_token" : "refresh_token", "token_type" : "bearer", "expires_in" : 86400 }

Some information like this would be nice, if nothing else.

[3ventic]

The tokens do not expire currently, so you do not need the refresh token.

[DallasNChains]

@3ventic is correct. Currently, tokens don't expire, so there isn't a use case for the refresh token. In the future, you can post questions like these in our developer forums.