Skip to main content
POST
/
v1
/
apps
/
{app_id}
/
m2m
/
refresh
Refresh the M2M access token
curl --request POST \
  --url https://{defaultHost}/v1/apps/{app_id}/m2m/refresh \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Authorization: <api-key>'
{
  "access": "<string>",
  "access_expires_at": "2023-11-07T05:31:56Z",
  "csrf": "<string>",
  "refresh": "<string>",
  "refresh_expires_at": "2023-11-07T05:31:56Z"
}

Documentation Index

Fetch the complete documentation index at: https://docs.scute.io/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

API Secret token

X-Authorization
string
header
required

User Access token

Headers

Authorization
string
required

M2M access token

X-CSRF-Token
string

CSRF token required when refresh tokens are stored in cookies

Path Parameters

app_id
string
required

App ID

Response

successful

access
string
required

Newly issued JWT access token

access_expires_at
string<date-time>
required

Timestamp when the new access token expires

csrf
string
required

CSRF token to pair with cookie-based refresh tokens

refresh
string | null

Refresh token if the app uses refresh payloads

refresh_expires_at
string<date-time> | null

Timestamp when the refresh token expires