Refresh Token
Method : POST
URL : https://oauth.revenuemonster.my/v1/token
Sandbox URL : https://sb-oauth.revenuemonster.my/v1/token
Refresh token is used to get new access token
- When Access Token has expired (29 days)
- Access token is compromised/hacked/stolen/destroyed
In case you lost your refresh token or do not want to deal with refresh token, you may opt to get new access token/refresh token using client credentials again. But this is not a suggested practice. (You don't want your clientid/clientsecret always exposed in network traffic. That is why you should use refresh tokens.)
#
Step 1 : Get Client ID and Client SecretTo get your Client ID and Client Secret , go to RM Merchant Portal > Developer > Application
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
ClientID | String | Yes | Client ID or AppID as obtained from RM Merchant Portal. | 3208919753194101125 |
ClientSecret | String | Yes | Client secret or AppSecret as obtained from RM Merchant Portal. | mglve4W3UhPSGOV7gnwoYKyvbRCe83zZ |
#
Step 2 : Encode the parameters from Step 1 in Base 64 formatStructure:
clientID
:clientSecret
Example:
Before Base64 encoding:
3675930941412424316:wmn7FUauXHdkoYa9182kCMkjGnNJVgin
After Base64 encoding:
MzY3NTkzMDk0MTQxMjQyNDMxNjp3bW43RlVhdVhIZGtvWWE5MTgya0NNa2pHbk5KVmdpbg==
#
Step 3 : Put the Base64 encoded in HeadersContent-Type : application/json
Authorization : Basic MzY3NTkzMDk0MTQxMjQyNDMxNjp3bW43RlVhdVhIZGtvWWE5MTgya0NNa2pHbk5KVmdpbg==
More info: Authentication
In Body Request :
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
grantType | String | Yes | Only support refresh_token | refresh_token |
refreshToken | String | Yes | Refresh token is obtained from response parameter when access token is generated. | Random String |
Example Request
#
Response ParametersParameter | Type | Description | Example |
---|---|---|---|
accessToken | String | Required for subsequent request(s) | Access Token |
tokenType | String | We only support “Bearer” type | Bearer |
expiresIn | String | Token expiry, in seconds format. “72591999” means 72591999 seconds or 30 day | 72591999 |
refreshToken | String | Required for getting new access token after expiry | Refresh token string |
refreshTokenExpiresIn | String | Token expiry, in seconds format. “1576799999” means 1576799999 seconds | 1576799999 |
Example Response