POST https://api.actonsoftware.com/token
The grant type refresh will return a new access token and a new refresh token.
Customers wanting to access our API via our gateway in the EU can use this link:
POST https://api-eu.actonsoftware.com/token
- access_token - Store the returned access token in your application to authenticate the other endpoint requests. The access token expires after 3600 seconds.
- refresh_token - Password or Code grant types are limited to 5 authentication attempts per hour. Using the refresh token workflow avoids unneeded access token requests and prevents your application from reaching this limit. The refresh token does not expire until a new token is requested via any of the Grant Type calls.
Parameters
| Name | Parameter Type |
Allow Multiple |
Required/ Optional |
Data Type | Description |
|---|---|---|---|---|---|
| grant_type | x-www-form-urlencoded | False | Required | string | Value must be 'refresh_token'. |
| client_id | x-www-form-urlencoded | False | Required | string | The Client ID you received in your welcome email. |
| client_secret | x-www-form-urlencoded | False | Required | string | The Client Secret you received in your welcome email. |
| refresh_token | x-www-form-urlencoded | False | Required | string | The refresh_token received in the previous authentication or refresh request. |
Response
{
"access_token": "12345678-9abc-defg-hijk-lmnopqrs",
"refresh_token": "12345678-9abc-defg-hijk-lmnopqrs",
"scope": "default",
"token_type": "Bearer",
"expires_in": 86400
}
Code Examples
cURL
curl -X POST https://api.actonsoftware.com/token -d 'grant_type=refresh_token&client_id=123456789abcdefghijklmnopqrs&client_secret=123456789abcdefghijklmnopqrs&refresh_token=123456789abcdefghijklmnopqrs'
Note: Following an upgrade to Act-On's API infrastructure in late 2023, check that the new URL, client ID, and secret are used. See API Infrastructure Upgrade for more information.