Refresh Token

+--------+                                           +---------------+
|        |--(A)------- Authorization Grant --------->|               |
|        |                                           |               |
|        |<-(B)----------- Access Token -------------|               |
|        |               & Refresh Token             |               |
|        |                                           |               |
|        |                            +----------+   |               |
|        |--(C)---- Access Token ---->|          |   |               |
|        |                            |          |   |               |
|        |<-(D)- Protected Resource --| Resource |   | Authorization |
| Client |                            |  Server  |   |     Server    |
|        |--(E)---- Access Token ---->|          |   |               |
|        |                            |          |   |               |
|        |<-(F)- Invalid Token Error -|          |   |               |
|        |                            +----------+   |               |
|        |                                           |               |
|        |--(G)----------- Refresh Token ----------->|               |
|        |                                           |               |
|        |<-(H)----------- Access Token -------------|               |
+--------+           & Optional Refresh Token        +---------------+

Token Request

POST /oauth2/token HTTP/1.1
Host: id.btgpactual.com
Content-type: application/x-www-form-urlencoded
Authorization: Basic <client_id:client_secret> // Base 64 encoded

grant_type=refresh_token&refresh_token={refresh_token}&client_id={client_id}

Token Response

HTTP/1.1 200 OK
Content-Type: application/json

{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6ImF0K2p3dCIsImtpZCI6InZfT2NvN21uRjBwbERCTU9FTUxlRjFhc01jR3hERURxVVhXdktHWUtWOFkifQ.eyJzdWIiOiIwMDUwNjQ5MzI5NiIsInNjb3BlIjoiYXBwcyBlbWFpbCBvcGVuaWQgcHJvZmlsZSB3ZWJob29rcyIsImlzcyI6Imh0dHBzOi8vaWQuYnRnbWFpc2J1c2luZXNzLmNvbSIsImV4cCI6MTYyODc0MDQxMSwiaWF0IjoxNjI4NjU0MDExLCJjbGllbnRfaWQiOiJkZXZlbG9wZXJzLmRldnBvcnRhbCIsImp0aSI6IjNsX0JKVldZTHhmSnh6ckFhb1lDTjZCVVU5Wks5S3hkb3ZiY0xZNTNNdUEifQ.Vp8CxDXaP9TST5NGpygyqf85cHg5reiT8HtW1WbcPFYshOUaVtiExbUDR_ZSyV-doeUlGNyRq_FSL_bf5HFlOQF6QAtX9i9pYBQGUZGptW8S3a9WjDsMeOluk1BHimuPFOp8jK6vHazfqzHuki-3w4_nJTx_qKK77Wx7FC3XqojE2oXpkN6VnezLTXW5V-tQEVqNCF9Fp_pOS-UtBWwO6UUHRBYXc4JtB0IbxIOS38r1gGiKgaePb7s6Z66ZD4zjc5A_xZeLmBzrdSxLXrcJp7au5gx6Y9tgw3hDFSA9AGZlI35fIAGhU7_jD0DtpFXrQWLbN5lF5663NWvyhbYlwg","refresh_token":"WV6G4HKBrvgiLoFdMBiVxeCHWvqIOr1ASkMcYmX-EI8","scope":"apps email openid profile webhooks","id_token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIwMDUwNjQ5MzI5NiIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhdXRoX3RpbWUiOjE2Mjg2NTM5ODUsImN1c3RvbTpvcmlnaW4iOiJhZG1pbiIsImVtYWlsIjoiZW1lcnNvbi5zb2FyZXNAYnRncGFjdHVhbC5jb20iLCJpc3MiOiJodHRwczovL2lkLmJ0Z21haXNidXNpbmVzcy5jb20iLCJhdWQiOlsiZGV2ZWxvcGVycy5kZXZwb3J0YWwiXSwiZXhwIjoxNjI4NzQwNDExLCJpYXQiOjE2Mjg2NTQwMTEsInNfaGFzaCI6IlVhQkdKSEV2d24tOHl3OXZabW45ZmcifQ.Urg9j5s9BckHVTqsJGJASc1FlcJoHgllDNdc5WJY3EQ","token_type":"Bearer","expires_in":86400}