This endpoint allows you to obtain a new access token without re-authenticating with your password. You must provide a valid (but possibly soon-to-expire) Bearer token.
This endpoint requires authentication. Include a valid Bearer token in the Authorization header.
Authentication This endpoint uses HTTPBearer security. Include the access token you want to refresh:
Authorization: Bearer <access_token>
Response The newly generated access token (JWT)
The token type, always “bearer”
Status Codes
200 : New token generated successfully404 : Invalid or expired token (cannot refresh)403 : Invalid or expired token
Requirements This endpoint only works for protected short URLs (URLs created with a password). The following conditions must be met:
The Bearer token must be valid and not expired
The URL associated with the token must exist
The URL must have a password set (password-protected URLs only)
How It Works
Validates the provided Bearer token
Retrieves the URL code from the token
Verifies the URL exists and has a password
Generates a new access token with a fresh expiration time
Returns the new token
cURL
Response (200)
Error (404)
Error (403)
curl -X GET https://api.example.com/refresh_token \ -H "Authorization: Bearer <access_token>"
Token Lifecycle
Tokens expire after a configured period (default: 5 minutes)
Use this endpoint to refresh before expiration
The new token will have a fresh expiration time
You can use the new token for all authenticated endpoints