|
|
|
# Copyright 2022 The Matrix.org Foundation C.I.C.
|
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
openapi: 3.1.0
|
|
|
|
info:
|
|
|
|
title: Matrix Client-Server Registration and Login API
|
|
|
|
version: 1.0.0
|
|
|
|
paths:
|
|
|
|
/refresh:
|
|
|
|
post:
|
|
|
|
x-addedInMatrixVersion: "1.3"
|
|
|
|
summary: Refresh an access token
|
|
|
|
description: |-
|
|
|
|
Refresh an access token. Clients should use the returned access token
|
|
|
|
when making subsequent API calls, and store the returned refresh token
|
|
|
|
(if given) in order to refresh the new access token when necessary.
|
|
|
|
|
|
|
|
After an access token has been refreshed, a server can choose to
|
|
|
|
invalidate the old access token immediately, or can choose not to, for
|
|
|
|
example if the access token would expire soon anyways. Clients should
|
|
|
|
not make any assumptions about the old access token still being valid,
|
|
|
|
and should use the newly provided access token instead.
|
|
|
|
|
|
|
|
The old refresh token remains valid until the new access token or refresh token
|
|
|
|
is used, at which point the old refresh token is revoked.
|
|
|
|
|
|
|
|
Note that this endpoint does not require authentication via an
|
|
|
|
access token. Authentication is provided via the refresh token.
|
|
|
|
|
|
|
|
Application Service identity assertion is disabled for this endpoint.
|
|
|
|
operationId: refresh
|
|
|
|
requestBody:
|
|
|
|
content:
|
|
|
|
application/json:
|
|
|
|
schema:
|
|
|
|
type: object
|
|
|
|
example: {
|
|
|
|
"refresh_token": "some_token"
|
|
|
|
}
|
|
|
|
properties:
|
|
|
|
refresh_token:
|
|
|
|
type: string
|
|
|
|
description: The refresh token
|
|
|
|
required:
|
|
|
|
- refresh_token
|
|
|
|
required: true
|
|
|
|
responses:
|
|
|
|
"200":
|
|
|
|
description: A new access token and refresh token were generated.
|
|
|
|
content:
|
|
|
|
application/json:
|
|
|
|
schema:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
access_token:
|
|
|
|
type: string
|
|
|
|
description: The new access token to use.
|
|
|
|
refresh_token:
|
|
|
|
type: string
|
|
|
|
description: |-
|
|
|
|
The new refresh token to use when the access token needs to
|
|
|
|
be refreshed again. If not given, the old refresh token can
|
|
|
|
be re-used.
|
|
|
|
expires_in_ms:
|
|
|
|
type: integer
|
|
|
|
description: |-
|
|
|
|
The lifetime of the access token, in milliseconds. If not
|
|
|
|
given, the client can assume that the access token will not
|
|
|
|
expire.
|
|
|
|
required:
|
|
|
|
- access_token
|
|
|
|
examples:
|
|
|
|
response:
|
|
|
|
value: {
|
|
|
|
"access_token": "a_new_token",
|
|
|
|
"expires_in_ms": 60000,
|
|
|
|
"refresh_token": "another_new_token"
|
|
|
|
}
|
|
|
|
"401":
|
|
|
|
description: The provided token was unknown, or has already been used.
|
|
|
|
content:
|
|
|
|
application/json:
|
|
|
|
schema:
|
|
|
|
$ref: definitions/errors/error.yaml
|
|
|
|
examples:
|
|
|
|
response:
|
|
|
|
value: {
|
|
|
|
"errcode": "M_UNKNOWN_TOKEN",
|
|
|
|
"error": "Soft logged out",
|
|
|
|
"soft_logout": true
|
|
|
|
}
|
|
|
|
"429":
|
|
|
|
description: This request was rate-limited.
|
|
|
|
content:
|
|
|
|
application/json:
|
|
|
|
schema:
|
|
|
|
$ref: definitions/errors/rate_limited.yaml
|
|
|
|
servers:
|
|
|
|
- url: "{protocol}://{hostname}{basePath}"
|
|
|
|
variables:
|
|
|
|
protocol:
|
|
|
|
enum:
|
|
|
|
- http
|
|
|
|
- https
|
|
|
|
default: https
|
|
|
|
hostname:
|
|
|
|
default: localhost:8008
|
|
|
|
basePath:
|
|
|
|
default: /_matrix/client/v3
|