Back to top

Step 2 — Get access and refresh tokens

Last updated June 26th, 2024

You can call the POST /oauth2/token operation to get access and refresh tokens in exchange for the authorization code. The following are the default expiration times for these tokens:

  • Access token - Short lived, 10 minutes.
  • Refresh token - Long lived, 90 days.
  • Authorization code - Short lived, 1 minute.

To get a new refresh token before its expiry, see Step 4 – Refresh access token for more information.

The following request sample shows how you can get access and refresh tokens using the authorization code:

--location '' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'client_id={OAUTH2_CLIENT_ID}' \
--data-urlencode 'client_secret={OAUTH2_CLIENT_SECRET}' \
--data-urlencode 'redirect_uri={REDIRECT_URL_USED_IN_AUTHZ_CODE_REQ}' \
--data-urlencode 'code_verifier={PKCE_CODE_VERIFIER}' \
--data-urlencode 'code={AUTHORIZATION_CODE}'

You receive the access and refresh tokens in the below format. The value of expires_in denotes the number of seconds that the access token is valid for. You need an active access token every time you make Knox cloud services API call.

  "expires_in": 599,

Is this page helpful?