Console développeur
Merci de votre visite. Cette page est disponible en anglais uniquement.

Use the refresh token to get new tokens

When you obtain an access token, you will also get the refresh token if the client_secret is passed in request. Save your refresh token information in a secured place. You will need the refresh token to get a new access token after the current one expires.

📘 Do these steps only when your access token expires.

  1. Select endpoint to request for refresh token.
Endpoint Region
https://api.amazon.co.uk/auth/o2/token Europe (EU)
https://api.amazon.com/auth/o2/token North America (NA)
https://api.amazon.co.jp/auth/o2/token Far East (FE)
  1. In your POST request, include the parameters listed in the table.
Parameter Description
grant_type The type of access grant requested. Must be refresh_token.
refresh_token A long-lived token that can be exchanged for a new access token.
client_id The client identifier of your Application.
client_secret Optional. The secret value assigned to the client during registration. Don't use the client secret in a browser-based app because client secrets shouldn't be stored on web pages. If no client_secret is passed, the response returns no refresh token.
  1. Do the POST request.

Sample CURL request using the NA endpoint:

curl -X POST --data \n
     'grant_type=refresh_token
     &refresh_token=$REFRESH_TOKEN
     &client_id=$CLIENT_ID_FROM_PROFILE
     &client_secret=$CLIENT_SECRET_FROM_PROFILE' 
   https://api.amazon.com/auth/o2/token'

Sample response:

HTTP/l.l 200 OK
Content-Type: application/json;charset UTF-8
Cache-Control: no-store
Pragma: no-cache
{
  "access_token":"Atza|example-Dme37rR6CuUpSR",
  "token_type":"bearer",
  "expires_in":3600,
  "refresh_token":"Atzr|example-tpJX2DeX"
}
  1. Proceed to Step 3. Construct URI and authorize request.

Last updated: Nov 21, 2024