Forum Academy Marketplace Showcase Pricing Features

Getting a new Access Token using the Refresh Token

Hi. I’m able to use the bubble API and send requests from a third party app to login a user and retrieve the access and refresh tokens. The access token only lasts 1 day. Does anyone know what the API call should be to use the refresh token to get a new access token. Does it even make sense to do this daily? Instead, can I just make a call to get the access token again as I know the temp code will be sent back either way as the user is still logged in. Please let me know, thanks!

1 Like

Can you share your API connector Settings? Are you using the Bubble native oAuth2 auth?

Not sure which settings to show. I am using 3rd Party OAuth in order for my separate extension to send an API call to the bubble app for user data:

The Public API Endpoint settings are basic. Data and Workflow API are enabled. Is there a different part of the bubble platform I can see more advanced API settings?

Sorry, Seem to be a plugin that I don’t know. Maybe you can contact the plugin author to have help.

Thanks for the help! (The plugin is my own that I’ve coded. But the settings are based on Bubble Data API, not my plugin which is why I was wondering how to use the refresh token)

Generally you will do a POST to the oauth/token endpoint using grant_type=refresh_token instead of authorization_code.

So very similar to the second leg of the OAUTH call you did to get the token in the first place except passing refresh token not code.

That makes a lot of sense. So something like:

https://domainName.com/api/1.1/oauth/access_token?
Where grant_type=refresh_token is in the body of the Post request along with the client_id, redirect_uri, and client_secret

Yes. Same parameters. If it follows the usual OAUTH format that should be it.

1 Like

The post call going through and I understand how to format it, thanks! However we are now getting the following error:

The redirect URI we are using is the same one that we create for our first login post call. Should we create a new page for the redirect uri and if so, are there any workflows we need to add here?