--- title: "Refreshing the Access Token" slug: "refreshing-the-access-token" description: "Learn how to refresh your NavVis IVION access token using a refresh token to maintain uninterrupted access and manage expiration effectively." tags: ["Access Token", "JWT Expiration", "Refresh Token"] updated: 2024-01-26T14:51:53Z published: 2024-01-26T14:51:53Z --- > ## Documentation Index > Fetch the complete documentation index at: https://knowledge.navvis.com/llms.txt > Use this file to discover all available pages before exploring further. # Refreshing the Access Token The access token returned by NavVis IVION is an expiring JSON web token (JWT) which must be refreshed (replaced) before its expiration timestamp to ensure uninterrupted use. Refresh the access token by using a refresh token which is returned along with the initial access token when the login mandate is exchanged for credentials. The JWTs used by NavVis IVION are Base64 encoded JSON objects that are split into 3 dot separated segments as shown here: [segment_1].[segment_2].[segment_3] Segment 2 contains the token's expiration timestamp. The Base46 decoded version of segment 2 contains an object of the type shown below. ```plaintext { "type": string, "provider": string, "tokenType": string, "sub": string, "exp": number, "iat": number } ``` The field of interest (exp) contains a UNIX timestamp with the token's expiration. Refresh the access token by using the following endpoint: ```plaintext POST {instance_url}/api/auth/refresh_access_token ``` Request Body: ```plaintext { "refresh_token": string } ``` Response Code & Status: ```plaintext 200 OK ``` Response Body: ```plaintext { "access_token": string, "principal": { "username": string, "first_name": string | null, "last_name": string | null, ... }, ... } ``` The refresh token itself also has an expiration and it may or may not be possible to get a new one depending on the instance configuration. If the refresh token cannot be updated, once it expires, the user should be prompted to log in again. If the refresh token can be updated, renew it by using the endpoint below: ```plaintext POST {instance_url}/api/auth/update_refresh_token ``` Request Body: ```plaintext { "refresh_token": string } ``` Response Code & Status: ```plaintext 200 OK ``` Request Body: ```plaintext { "refresh_token": string, ... } ``` > **Note**: The provided refresh token must be valid and not expired.