Refresh access token

post

https://api.box.com

/oauth2/token

Refresh an Access Token using its client ID, secret, and refresh token.

Related Guides

Request

Content-Typeapplication/x-www-form-urlencoded

Request Body

client_id stringin bodyrequired

examplely1nj6n11vionaie65emwzk575hnnmrk

The client ID of the application requesting to refresh the token.

client_secret stringin bodyrequired

examplehOzsTeFlT6ko0dme22uGbQal04SBPYc1

The client secret of the application requesting to refresh the token.

grant_type string / urnin bodyrequired

examplerefresh_token

Value is always refresh_token

refresh_token string / tokenin bodyrequired

examplec3FIOG9vSGV4VHo4QzAyg5T1JvNnJoZ3ExaVNyQWw6WjRsanRKZG5lQk9qUE1BVQ

The refresh token to refresh.

Response

200application/jsonAccess token

Returns a new Access Token that can be used to make authenticated API calls by passing along the token in a authorization header as follows Authorization: Bearer <Token>.

400application/jsonOAuth 2.0 error

An authentication error.

defaultapplication/jsonOAuth 2.0 error

An authentication error.

post

Refresh access token

You can now try out some of our APIs live, right here in the documentation.

Request Example

cURL

curl -X POST https://api.box.com/oauth2/token \
     -H 'Content-Type: application/x-www-form-urlencoded' \
     -d 'client_id=[CLIENT_ID]' \
     -d 'client_secret=[CLIENT_SECRET]' \
     -d 'refresh_token=[REFRESH_TOKEN]' \
     -d 'grant_type=refresh_token'