Auth0 Home Blog Docs

Getting "access_denied" when calling for a refresh token on "oauth/token"

I’m trying to use refresh token end point mentioned here API Explorer Refresh Token
but I’m getting access_denied
I tried with access token, id_token, I also tried sending client_secret but it’s still the same response.
How to solve this issue since there is no explanation why I’m getting this response?

Hello @SirajKakeh,

Are you able to share your code where you are hitting the /oauth/token endpoint?

Are you trying to get a refresh token, or are you trying to use a refresh token to get a new access token?

@markd

curl -X POST \
  https://my-auth0-domain/oauth/token \
  -H 'Content-Type: application/json' \
  -d '{
	"grant_type": "refresh_token",
	"client_id": "my-client-id"
	"refresh_token":"my-old-token"
}'

I’m trying to get a new token by sending the expired token

Hello @SirajKakeh,

The refresh_token is not your old token. When you call /authorize, you ask for a refresh token by specifying the offline_access scope. You store the returned refresh token and present it to /oauth/token when you need a new access token.

1 Like

Hey @SirajKakeh what @markd shared is what you need to grasp to achieve what you intend to. You need to use refresh tokens to get past the fact of having expired token. Check the doc provided by Mark and let us know if you have any questions!