HomeGuidesAPI Reference
Submit Documentation FeedbackJoin Developer CommunityOptimizely GitHubOptimizely NuGetLog In

Refresh tokens

This topic describes how to exchange a refresh token for an access token on Optimizely's authorization server.



For authorization code grants only.

After the authorization code exchange, you can exchange a refresh token for an access token by issuing an HTTPS POST request to Optimizely's authorization server.

The examples below show an example request and a successful response. In the event the user has revoked your access, you will receive an HTTP 400 response.


  • refresh_token: The refresh token returned from the authorization code exchange.
  • client_id: The client ID for your application (see app settings).
  • client_secret: The client secret for your application (see [app settings](http://app.optimizely.com/v2/accountsettings/regist ered-apps)).
  • grant_type: As defined in the OAuth 2.0 spec, this field must contain a value of refresh_token.

Example POST request

POST https://app.optimizely.com/oauth2/token

Example JSON response

  "access_token": "abcdefghijklmnopqrstuvwxyz",
  "expires_in": 7200,
  "token_type": "bearer",