Refresh the session

POST

/v1/iam/auth/refresh

const url = 'http://localhost:8080/v1/iam/auth/refresh';
const options = {method: 'POST'};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request POST \
  --url http://localhost:8080/v1/iam/auth/refresh

Lit le refresh depuis cookie apophis_rt ou body { refreshToken }. Rotation atomique : l’ancien refresh devient inutilisable. Replay détecté = kill toutes les sessions du User.

Responses

200

Tokens rotated.

application/json

object

status

required

string

Allowed value: success

code

required

string

data

required

object

sessionId

required

string

expiresAt

required

string format: date-time

requiresPasswordSetup

required

boolean

csrfToken

required

string

cache

object

hit

required

boolean

key

string

ageSeconds

integer

expiresAt

string format: date-time

timing

object

totalMs

required

integer

dbMs

integer

externalMs

integer

deprecation

object

sunset

required

string format: date-time

successor

string

note

string

Example

{
  "status": "success"
}

401

Authentification manquante ou invalide.

application/json

object

status

required

string

Allowed value: error

code

required

string

error

required

object

message

string

requestId

required

string

details

Array<object>

object

path

string

code

string

message

string

key

additional properties

Example

{
  "status": "error"
}

429

Rate-limit dépassé. Header Retry-After retourné.

application/json

object

status

required

string

Allowed value: error

code

required

string

error

required

object

message

string

requestId

required

string

details

Array<object>

object

path

string

code

string

message

string

key

additional properties

Example

{
  "status": "error"
}