Developer Console

Use the refresh token to get new tokens

When you obtain an access token, you will also get the refresh token if the client_secret is passed in request. Save your refresh token information in a secured place. You will need the refresh token to get a new access token after the current one expires.

📘 Do these steps only when your access token expires.

  1. Select endpoint to request for refresh token.
Endpoint Region
https://api.amazon.co.uk/auth/o2/token Europe (EU)
https://api.amazon.com/auth/o2/token North America (NA)
https://api.amazon.co.jp/auth/o2/token Far East (FE)
  1. In your POST request, include the parameters listed in the table.
Parameter Description
grant_type The type of access grant requested. Must be refresh_token.
refresh_token A long-lived token that can be exchanged for a new access token.
client_id The client identifier of your Application.
client_secret Optional. The secret value assigned to the client during registration. Don't use the client secret in a browser-based app because client secrets shouldn't be stored on web pages. If no client_secret is passed, the response returns no refresh token.
  1. Do the POST request.

Sample CURL request using the NA endpoint:

curl -X POST --data \n
     'grant_type=refresh_token
     &refresh_token=$REFRESH_TOKEN
     &client_id=$CLIENT_ID_FROM_PROFILE
     &client_secret=$CLIENT_SECRET_FROM_PROFILE' 
   https://api.amazon.com/auth/o2/token'

Sample response:

HTTP/l.l 200 OK
Content-Type: application/json;charset UTF-8
Cache-Control: no-store
Pragma: no-cache
{
  "access_token":"Atza|example-Dme37rR6CuUpSR",
  "token_type":"bearer",
  "expires_in":3600,
  "refresh_token":"Atzr|example-tpJX2DeX"
}
  1. Proceed to Step 3. Construct URI and authorize request.

Last updated: Nov 21, 2024