Skip to content

Refresh Token

POST
/api/auth/refresh

Refresh access token using refresh token from JSON body OR cookie.

Priority: body.refresh_token (if provided) → refresh_token cookie. This preserves backward compatibility with testagent (body path) while enabling cookie-based SSO flows (TASK-S10-003).

Request Body

Any of:

Token refresh request

object
refresh_token
required
string

Responses

200

Successful Response

JWT token response

object
access_token
required
string
expires_in
required
integer
refresh_token
required
string
token_type
string
default: bearer
user
required

User response schema

object
created_at
required
string format: date-time
email
required
string
full_name
required
Any of:
string
id
required
string format: uuid
is_active
required
boolean
is_superuser
boolean
is_verified
required
boolean
last_login
required
Any of:
string format: date-time
organization_id
Any of:
string format: uuid
timezone
Any of:
string
username
required
string

422

Validation Error

object
detail
Array<object>
object
loc
required
Array
msg
required
string
type
required
string