Refresh Token
POST
/api/auth/refresh
Refresh access token using refresh token from JSON body OR cookie.
Priority: body.refresh_token (if provided) → refresh_token cookie. This preserves backward compatibility with testagent (body path) while enabling cookie-based SSO flows (TASK-S10-003).
Request Body
Any of:
Token refresh request
object
refresh_token
required
string
null
Responses
200
Successful Response
JWT token response
object
access_token
required
string
expires_in
required
integer
refresh_token
required
string
token_type
string
user
required
User response schema
object
created_at
required
string format: date-time
email
required
string
id
required
string format: uuid
is_active
required
boolean
is_superuser
boolean
is_verified
required
boolean
username
required
string
422
Validation Error
object
detail
Array<object>
object
loc
required
Array
msg
required
string
type
required
string