Skip to content

Latest commit

 

History

History
30 lines (21 loc) · 1000 Bytes

refresh-token.md

File metadata and controls

30 lines (21 loc) · 1000 Bytes
Raw

Implementing an Authorization Server with the Refresh Token Grant

  1. To enable this grant add the following to the config/oauth2.php configuration file
'grant_types' => [
    'refresh_token' => [
        'class' => '\League\OAuth2\Server\Grant\RefreshTokenGrant',
        'access_token_ttl' => 3600,
        'refresh_token_ttl' => 36000
    ]
]

Note: The refresh token grant is to be used together with one other of the following grants: PasswordGrant, AuthCodeGrant.

  1. Set up a route to respond to the incoming access token requests.
Route::post('oauth/access_token', function() {
    return Response::json(Authorizer::issueAccessToken());
});
  1. Whenever you request an Access Token using a grant that supports the use of the Refresh Token grant, you'll get a Refresh Token together with the Access Token. Once the Access Token expires, use the Refresh Token to require a new one.

← Back to start