Authentication
Refresh JWT access token
Refresh the current user JWT access token with an optional custom validity period.
POST
Refresh JWT access token
Refresh JWT access token
Refreshes the authenticated user’s JWT access token, generating a new token and returning it in the response. This is useful when you need a fresh token with a different validity period than the original.Authentication
Requires a valid customer bearer token via theAuthorization header.
Request Body
Response
Returns anActionConfirmation envelope.
true when the token was refreshed successfully.The new JWT access token string. Use this as the
Authorization: Bearer value for subsequent API requests. null when WasSuccessful is false.HTTP-style status code mirrored in the response body.
200 on success, 500 on failure.Human-readable message. Usually
"OK" on success.Validation or server errors.
null on success.Examples
Refresh with default validity (30 minutes)
Refresh with custom validity (60 minutes)
Admin Endpoint: Refresh Another User’s Token
An admin variant of this endpoint exists atPOST /api/sys/users/{id}/token/refresh which allows refreshing the token for a specific user by ID.
Authentication
Requires a bearer token withADMIN role or User-Edit permission.
URL Parameter
Request Body
Same as the current-user endpoint — optionalValidityInMinutes.
Example
Use Cases
Extending token validity
When the default token validity is insufficient for a long-running operation, request a fresh token with an extended validity period:Token rotation
Periodically refresh the access token to maintain a fresh validity window without requiring the user to re-authenticate.Error Responses
The bearer token is missing, expired, or invalid. The user must sign in again via
POST /api/token.Returned when the authenticated user cannot be resolved from the token, or (for the admin endpoint) when the admin lacks access to the target user.
Related Endpoints
Refresh JWT access token