Unable to get access token from refresh token

abha_AID_integration · October 28, 2023, 11:05am

@IntegrationSupport ,
I am using this API “/v2/auth/generate/access-token” to get the access token from refresh token.
But now its giving the following error. I have been using it regularly but getting this error today only.
screenshot

abha_AID_integration · October 29, 2023, 10:42am

@IntegrationSupport,
any update on this?

abha_AID_integration · October 30, 2023, 5:20am

@IntegrationSupport,
any update on this?

IntegrationSupport · October 30, 2023, 6:39am

@pranab Please assist here.

viewzen · October 30, 2023, 7:20am

Help needed regarding the same in V3 Apis as well

@IntegrationSupport

pranab · October 31, 2023, 6:24am

Hi @viewzen @abha_AID_integration could you please share the page where you get this endpoint to refresh your token. Also I believe you need to send grantType with value of “refresh_token” when you are trying to generate access token.

abha_AID_integration · October 31, 2023, 8:56am

@integrationSupport,
This is link to swagger API.
https://app.swaggerhub.com/apis-docs/abdm.abha/abha-service/1.0#/Authentication/generateAccessTokenUsingPOST

viewzen · October 31, 2023, 9:35am

please give the endpoint to use for refreshing the token in V3 API after profile login.

abha_AID_integration · November 1, 2023, 8:30am

@IntegrationSupport,
please update on this issue, i have shared the required API link also.

Sachin · November 1, 2023, 9:27am

@viewzen @abha_AID_integration

There is no need of calling this API as “accessToken” expiry is 6 hrs. and “refreshToken” expiry is 30 min only.

CC: @IntegrationSupport @pranab

viewzen · November 1, 2023, 9:13am

No. The ABHA Profile login tokens have the following expiry times

access_token: 1800
refres_token: 1296000

pranab · November 1, 2023, 9:30am

@viewzen kindly check once again, the access token expires after 6 hours.

“expiresIn”: 21600,
“refreshExpiresIn”: 1800

abha_AID_integration · November 1, 2023, 9:30am

@IntegrationSupport,
This is the expiry time for tokens.

“jwtResponse”: {
“token”: “eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiI5MS0xMzQ3LTg3MzQtNDQxMiIsInN5c3RlbSI6IkFCSEEtTiIsIm1vYmlsZSI6IjczNTEwNzcwNjkiLCJleHAiOjE2OTg4MzI3MDUsImhlYWx0aElkTnVtYmVyIjoiOTEtMTM0Ny04NzM0LTQ0MTIiLCJpYXQiOjE2OTg4MzA5MDV9.mnRJt_VuYUf5lh2wHTV76Pbr7I8nSb4s80GY7mzxDK2uaAQswrC2mO9T7lLlgG6PLWtzDnPlyRCRpt4mX7vrB1PZy5475dnjHuTQkEW-JJkP6GvgvJ8PuWt–EIenrMDyXavZC8949ix8Zp5-lLG7DN3ske6M9cqOwQr4zrCzX313phFSAeYFCjYq82cY3u9qeM4bWHA6y9j4jU8vXeVIps-6Jryf99qKHMnZehk1QAG-jz_1FgpJi_gtbMxe-P6fKq8kcWWL3g9S83dq4qkqRDcnNZYYJ61mojll9E7UXbznsj4BVoWlSofNxCv2Id5O3noylB6l5JdeD4K95SKjuUJfalGY6SBu8POGU4qd1MhLviJecKtQF_JVA4MZI8oa9RkNQVZnKzLpt6dAqxeERo0GQCgmr5_3JIgv_U-XP8r6qd0SpfVhDXcgM5ykfIeGT5S7jzKv_SmsAwSG_JxHl4RKIdl3N-isScN6ekMV4K34GjKPN3QAhCjPwZBL3syOi1yvTiuaN6bmQfh2WwMiNiQ8aV38Qt2qwNlT3e8BifJo0Hlk0-IAmBTJhyWQf-o6ZWZK3ND1-op6Z0RCLrARbv_7Hmumd-H9tAH8ow2gQ0XRmaHfZXNOXe2S9a1uBUmGOSj-9YqqbiAGnpOClIBA2a6PvE1IIKffERcy2I1w”,
“expiresIn”: 1800,
“refreshToken”: “eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiI5MS0xMzQ3LTg3MzQtNDQxMiIsInN5c3RlbSI6IkFCSEEtTiIsInR5cCI6IlJlZnJlc2giLCJleHAiOjE3MDAxMjY5MDUsImlhdCI6MTY5ODgzMDkwNX0.K5WCsEt_jxqrdy1xSLwXFjnm_5HSFpLYa6Qm7y7i48K8vT-QH6f_DzdBhmPGsyalzy_I7itfGcnLlYGONiqKdP69n0zNJ0gAU1O6jzEg_adQJd33WD223IL_fA3aoMmKo6hTtfj3R-Twtb2Z5eyP_lgaGSEL1M-VSDyyr0fBR2CVVWbn948NmTndOk874sVDwq3OH_MYjW1GujHHpkqJaL4pcBIohGLS2EHmaJoFTwC-50nPJbBtg83EjZx9ddcdlTN1Ft5D8d-oetSpEVWO6UqJZL4E-lGR79onqIP__SbdxNpy-x_Ob-9c4TlDs0nuIVQKSO6MSysrQFCguk62uiseFqdG3BFmHFO715yM3iPugwZ4MVesuZIeeXfBaZ-2o-FjntdXXLDCnEuHBMFooejCH5br43psBUuZYCOeDbiesRvxZe7XTlQoT-G18cDu2KpnhuFOaymD5yeNtDqpv-v3S9V8dANW50hB8I0kDSy-lY9rMBPRYPmUOONXxyyW7TeneZWIPd2HFUJQvUE-j7EFZlDl6qkvjFzZpyLCC02SL7xwjfZF2E3yjRH2qhjtVkocO4W8PNFlnGjNdafOc3UyPhMrP8IXBmEd3IVMb_zLBLi2daDhzY25Xq9Eu5pPt-QxKT9wUt2tUbyqekswadJBUPZhrZU3Z6CTdDVdAmM”,
“refreshExpiresIn”: 1296000
},

viewzen · November 1, 2023, 9:32am

This one is for token got from clientId and clientSecret.

The one i shared is from the ABHA Profile Login (where user can see the ABHA card)

abha_AID_integration · November 1, 2023, 9:35am

@IntegrationSupport
we are talking about the xtoken and refresh token that we get on aadhaar verification. using this xtoken we can get user’s info along with abha card.
we are using refresh token to get back the xtoken,once it expires as its expirty time in 1800 only.

pranab · November 1, 2023, 9:36am

@viewzen i don’t see any point of keeping the session alive after 30 minutes. If you want to show abha card to your users, you can download it in your storage and populate it as per your convenience. Could you please explain why do you want to keep the user logged in more than 30 minutes.

viewzen · November 1, 2023, 9:48am

So this is by design

access_token: 1800
refresh_token: 1296000

The default implementation is for the user to be logged out after 30 mins. Understood. Thanks

abha_AID_integration · November 1, 2023, 9:53am

@IntegrationSupport
after 30mins, we would require to generate the xtoken using refresh token.
That’s what i am saying, using refresh token we are unable to get the xtoken back.

abha_AID_integration · November 2, 2023, 8:55am

@IntegrationSupport,
can you please share updates on this scenario?

IntegrationSupport · November 2, 2023, 10:38am

@abha_AID_integration There is no need of getting token from refresh. Team has already mentioned everything in detail in the above thread. Please refer the trail. Closing this thread.