(((meta (@ (content . "API: Renew an access token") (name . "title"))) (meta (@ (content . "manual") (name . "role"))) (meta (@ (content . "#api #manual #zettelstore") (name . "tags"))) (meta (@ (content . "zmk") (name . "syntax"))) (meta (@ (content . "00001010040700 00001012000000") (name . "back"))) (meta (@ (content . "00001010040700 00001012000000 00001012920000 00001012921000") (name . "backward"))) (meta (@ (content . "1") (name . "box-number"))) (meta (@ (content . "(c) 2020-present by Detlef Stern ") (name . "copyright"))) (meta (@ (content . "20210126175322") (name . "created"))) (meta (@ (content . "00001010040100 00001012050200 00001012920000 00001012921000") (name . "forward"))) (meta (@ (content . "en") (name . "lang"))) (meta (@ (content . "EUPL-1.2-or-later") (name . "license"))) (meta (@ (content . "20230412160219") (name . "modified"))) (meta (@ (content . "20230412160219") (name . "published"))) (meta (@ (content . "public") (name . "visibility")))) (p "An access token is only valid for a certain duration." " " "Since the " (a (@ (href . "00001012050200")) "authentication process") " will need some processing time, there is a way to renew the token without providing full authentication data.") (p "Send a HTTP PUT request to the " (a (@ (href . "00001012920000")) "endpoint") " " (kbd "/a") " and include the current access token in the " (kbd "Authorization") " header:") (pre (code (@ (class . "language-sh")) "# curl -X PUT -H 'Authorization: Bearer TOKEN' http://127.0.0.1:23123/a\n(\"Bearer\" \"eyJhbGciOiJIUzUxMiJ9.eyJfdGsiOjEsImV4cCI6MTY4MTMwNDA4NiwiaWF0IjoxNjgxMzA0MDI2LCJzdWIiOiJvd25lciIsInppZCI6IjIwMjEwNjI5MTYzMzAwIn0.kZd3prYc79dt9efDsrYVHtKrjWyOWvfByjeeUB3hf_vs43V3SNJqmb8k-zTHVNWOK0-5orVPrg2tIAqbXqmkhg\" 456)")) (p "You may receive a new access token, or the current one if it was obtained not a long time ago." " " "However, the lifetime of the returned " (a (@ (href . "00001012921000")) "access token") " is accurate.") (p "If " (a (@ (href . "00001010040100")) "authentication is not enabled") " and you send a renew request, no checking is done and you receive an artificial token immediate, without any delay:") (pre (code (@ (class . "language-sh")) "# curl -X PUT -H 'Authorization: Bearer freeaccess' http://127.0.0.1:23123/a\n(\"Bearer\" \"freeaccess\" 316224000)")) (p "In this case, it is even possible to omit the access token.") (h2 (@ (id . "http-status-codes")) "HTTP Status codes") (dl (dt (kbd "200")) (dd (p "Renew process was successful, the body contains a " (a (@ (href . "00001012921000")) "list") " with the relevant data.")) (dt (kbd "400")) (dd (p "The renew process was not successful." " " "There are several reasons for this." " " "Maybe access bearer token was not valid.") (p "Probably you should " (a (@ (href . "00001012050200")) "authenticate") " again with user identification and password."))))