
POST Refresh Token API

Use Case

This API is used to get a new SSO token for the Paytm user after the existing token expires. The refresh token received in the response of the Validate OTP API is used to get the new SSO token.

 

Attribute (type, requirement): Description

Authorization (string, mandatory): This is a base64 encoded string of “clientId:clientSecret”

Request Attributes

Content Type: JSON

Body

Attribute (type, requirement): Description

grantType (string, mandatory): Grant type for API. Possible Values: refresh_token

deviceId (string, mandatory): Device Id used in Send OTP API

refreshToken (string, mandatory): Value of Refresh token received in response to Validate OTP API.

Response Attributes

API Content Type: JSON

Success Response

Attribute (type): Description

scope (string): Scope of the token received. Example: paytm, wallet

accessToken (string): Received SSO token of the user. Example: eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..xxxxxxxxxxx.9iHTtWbCZ0I6qbn2sUnyz5siw1fqbmtEnFMFE7nSIX-yrwCkiGfAC6QmPr9q-tw8LMPOh5-3UXRbpeVZEupQd3wNyaArWybRX2HAxJDRD8mxJ_wxzJM6GZ1ov4O3EIsx2Y_Zr0aHCd3VbnTjRUnlVdxXJPFG8QZs0b_2TVdoAX3_QjZS8_dwcmIWoH8ebDzOIs7MJacETfMtyFGAo8Xc0LjznToUWvTsTbIXQoF1yB0.1fZFAYJVsY61BTv2htLcXQ8800

tokenType (string): Possible Values: BEARER

expiresIn (string): Expiry timer of the SSO token. Example: 1594011297000

Failure Response

Attribute (type): Description

error (string): This is the error corresponding to a particular error description and is returned to the merchant. The different error codes corresponding to this API are mentioned below.

error_description (string): This parameter contains information about the failure result.

Note: If the Authorization header is incorrect, the response will not be returned and you will get HTTP status code "401".

Response Codes & Messages

Response Code   Status    Message
403             FAILURE   scope is not refreshable
BE1422001       FAILURE   when some token is requested for refresh and is not refreshable.
BE1422001       FAILURE   scope is not refreshable
BE1422002       FAILURE   invalid refresh token
BE1423001       FAILURE   illegal parameters etc.
BE1423001       FAILURE   token format, not supported
BE1423001       FAILURE   authorization failed
BE1423003       FAILURE   The grant type is not given to the client
BE1423004       FAILURE   Authorization is invalid
BE1423005       FAILURE   invalid authorization code
BE1526000       FAILURE   internal server error
NA              FAILURE   Client permission not found
Staging: https://accounts-uat.paytm.com/oauth2/v3/token/sv1

Request (cURL)

curl -X POST 'https://accounts-uat.paytm.com/oauth2/v3/token/sv1/' \
--header 'Authorization: Basic {BASE64_ENCODED_CLIENT_ID_AND_CLIENT_SECRET}' \
--header 'Content-Type: application/json' \
--data '{
    "grantType": "refresh_token",
    "refreshToken": "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..DjiFueBM9p2ydJdZ.gckBfCcxO8NYSpmBfC4l6OirDCSskDoJjol_RMLZjzMkwL1GpOG3VeHVmV9ZXhXql_xxxxxxxxxxxxxxxxx_MdPgtfCFxc-PFELV-8eSyNeTgT4FhTxmOR19LJve0W7NQmSZtJFRPTC8hl_xxxxxxxxxxx_LCzGDPjTYOAQRBrgbLN7yBWdYyopeiGprlze-1SwTqU3Lu97gdM_e8mpcwCPcnzuNVxctSQmIDQdiVCgGHvKP8sOXivfTo.6KZU_zLuQmXl2OJsTZgMuw3000",
    "deviceId": "Device123"
}'
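
The following Python example is added here and is not Paytm's own code: it builds the request shown in the cURL sample and maps the documented responses to a next action for the caller. The function names, the action labels, and the assumption that the failure body's `error` field carries a code from the Response Codes table are this example's own.

```python
import base64
import json
import urllib.request

TOKEN_URL = "https://accounts-uat.paytm.com/oauth2/v3/token/sv1/"  # staging URL from the page

# Assumption: the failure body's "error" field carries a code from the table above.
# The next-action mapping is this example's own policy, not Paytm's.
REAUTH_CODES = {"BE1422001", "BE1422002"}  # not refreshable / invalid refresh token
RETRY_CODES = {"BE1526000"}                # internal server error


class RefreshError(Exception):
    def __init__(self, action, code, description):
        super().__init__(f"{code}: {description}")
        self.action, self.code = action, code


def build_refresh_request(client_id, client_secret, refresh_token, device_id):
    """Build (without sending) the POST request described on this page."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = {"grantType": "refresh_token", "refreshToken": refresh_token,
            "deviceId": device_id}
    return urllib.request.Request(
        TOKEN_URL, data=json.dumps(body).encode(), method="POST",
        headers={"Authorization": f"Basic {basic}",
                 "Content-Type": "application/json"})


def parse_refresh_response(status, raw_body):
    """Return the token fields on success, else raise RefreshError with a next action."""
    if status == 401:
        # Page note: an incorrect Authorization header gives 401 and no response.
        raise RefreshError("fix_client_credentials", "401", "Authorization rejected")
    try:
        data = json.loads(raw_body)
    except (TypeError, ValueError):
        data = None
    if not isinstance(data, dict):
        raise RefreshError("fail", str(status), "unexpected response body")
    if data.get("accessToken"):
        fields = ("scope", "accessToken", "tokenType", "expiresIn")
        return {name: data.get(name) for name in fields}
    code = str(data.get("error", "NA"))
    action = ("reauthenticate" if code in REAUTH_CODES
              else "retry" if code in RETRY_CODES else "fail")
    # The exception carries only the code and description, so tokens stay out of logs.
    raise RefreshError(action, code, str(data.get("error_description", "")))
```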