Your access token will expire 2 hours after it is issued. When this happens, your application can retrieve a new one by using the refresh_token
returned in the auth code exchange or prior token refresh. See Token Refresh for additional guidance.
client_id
and client_secret
.
The header is formed by concatenating the word “Basic”, a space, and a base64-encoded
string consisting of the client_id
, a colon :
, and the client_secret
.application/x-www-form-urlencoded
, matching the format of the request body.refresh_token
Bearer
.