Example: Token Refresh
How to handle Token Lifecycle Management
This example shows how to use a refresh token to obtain a new access token without requiring the user to re-authenticate.
Prerequisites: Review End-User Authentication and have a valid refresh token from a previous token exchange.
When to Refresh
💡 SDK Users: b.well SDKs handle token refresh automatically. This example is for direct API integration only.
Access tokens expire after a set period (typically 1 hour). You should refresh tokens:
- Proactively: Before expiration (recommended)
- Reactively: When you receive a 401 error indicating token expiration
Refresh Request
Use your refresh token from a previous token exchange to acquire a new access token:
curl --request POST \
--url https://api.client-sandbox.icanbwell.com/v1/graphql \
--header 'clientkey: {your-client-key}' \
--header 'content-type: application/json' \
--header 'refresh_token: {your-refresh-token}' \
--data '{"query":"query refreshTokens {\n refresh {\n accessToken\n idToken\n }\n}\n","variables":"{}"}'Response
The response includes a new access token that can be used to access b.well APIs:
{
"data": {
"refresh": {
"accessToken": "{access-token}",
"idToken": "{id-token}"
}
}
}Updated 10 days ago