Skip to main content
POST
/
auth
/
refresh
Refresh Access Token
curl --request POST \
  --url https://api.fyatu.com/api/v3.20/auth/refresh
{
  "success": true,
  "status": 123,
  "message": "<string>",
  "data": {
    "accessToken": "<string>",
    "tokenType": "Bearer",
    "expiresIn": 86400,
    "expiresAt": "2023-11-07T05:31:56Z",
    "scopes": [
      "<string>"
    ]
  },
  "meta": {
    "requestId": "req_9f3e2a1b4c5d67e8",
    "timestamp": "2023-11-07T05:31:56Z"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.fyatu.com/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Refresh your current access token to extend your session without re-authenticating with your businessId and secretKey. The refreshed token carries the same scopes as the original.

Refresh Window

Tokens can be refreshed:
  • Before expiry: at any time while the token is valid
  • After expiry: up to 5 minutes after the token has expired
After the 5-minute grace period you must re-authenticate via POST /auth/token.

Error Codes

CodeDescription
AUTH_TOKEN_MISSINGNo Authorization header provided
AUTH_TOKEN_INVALIDToken is malformed, revoked, or past the refresh window
Implement proactive refresh — check expiresAt before each request and refresh when less than 5 minutes remain. This prevents failed requests due to expired tokens.

Response

Token refreshed

success
boolean
status
integer
message
string
data
object
meta
object