worksection
beta
help
Product
Solutions
Help
Pricing
Product
Solutions
Help
Pricing

Access token update OAuth 2.0

Once the access token becomes invalid, it needs to be refreshed. You can do this by using the refresh_token (obtained in the /oauth2/token method) and sending a POST request to the following URL:

https://worksection.com/oauth2/refresh
The POST request must contain the required parameters:

PARAMETERDESCRIPTION
client_id
client_idreceived when creating the application.
client_secret
client_secretreceived when creating the application.
grant_type
Always specify the value of refresh_token.
refresh_token
The refresh token that was received in the /oauth2/token method.

 
CURL example:

curl -X POST -d
"client_id=<client_id>&client_secret=<client_secret>&grant_type=refresh_token&refresh_token=<refresh_token>"
https://worksection.com/oauth2/refresh
Example response:

{
    "token_type": "bearer",
    "expires_in": 86400,
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1...",
    "refresh_token": "def50200365724c970b6cea5eeecfed28...",
    "account_url": "https://authorizeduseraccount.worksection.com"
}
The refresh request returns a new access token and a refresh token, which will invalidate the old tokens.

How OAuth 2.0 works OAuth 2.0 basic settings Authorization code OAuth 2.0 Authorization code processing OAuth 2.0 Access token OAuth 2.0 Using an access token OAuth 2.0 Getting information about OAuth 2.0 user
Previous Using an access token OAuth 2.0
Next Getting information about OAuth 2.0 user
Didn't find the answer?
Product
Overview Pricing Why Worksection? Security Integration Blog
Solutions
Digital Marketing Agencies PR / HR / Creative / Consulting Product Companies Construction Governmental / Social Projects Project Management Hourly Work Agile
Resources
Support Knowledge Base Video Lessons Agreements Affiliate Program Contact our manager
User Agreement Privacy policy Cookie Policy
download on the Google Play download on the App store
© 2026 Worksection, OÜ.