This authorization flow example walks you through obtaining a new access token without requiring the user to reauthenticate.

Be sure to select the refresh token grant type when specifying a grant type that supports refresh tokens, such as Authorization Code, Resource Owner Password Credentials, or Assertion.

See Refresh Token Grant Type for more information on the Refresh Token grant type.

When an application makes a request to Oracle Identity Cloud Service to obtain an access token, the request URL contains query parameters that indicate the type of access being requested.

Example Request Using the Authorization Header

curl -i
-H 'Authorization: Basic <base64Encoded clientid:secret' 
-H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8'
--request POST https://<IDCS-Service-Instance>.identity.oraclecloud.com/oauth2/v1/token -d 'grant_type=refresh_token&refresh_token=<refresh-token>&scope=<optional scope value>'

curl -i
-H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8'
--request POST https://<IDCS-Service-Instance>.identity.oraclecloud.com/oauth2/v1/token -d 'grant_type=refresh_token&refresh_token=<refresh-token>&client_id=<client-id>&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=<client-assertion>&scope=<optional scope value>'

curl -i 
-H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' 
--request POST https://<idcs-url>/oauth2/v1/token 
-d 'grant_type=refresh_token&refresh_token=<refresh-token-value>&client_id=<client-id-value>'