Skip to main content

Refresh an expired JWT

POST 

/auth/refresh

Exchanges a valid refresh token for a new JWT (and a new refresh token). The original refresh token is invalidated after use.

Requirements

  • The refresh-token feature must be enabled in the plugin settings.
  • The refresh token must exist in the database and not have exceeded the maximum token age configured in the plugin settings.
  • If "Authentication Requires Auth Code" is enabled, AUTH_KEY must be provided.

Request

Responses

JWT refreshed successfully. Returns a new JWT and a new refresh token.