Refresh Token
curl --request POST \
--url https://api.bunship.com/api/v1/auth/refresh \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"refreshToken": "<string>"
}
'import requests
url = "https://api.bunship.com/api/v1/auth/refresh"
payload = { "refreshToken": "<string>" }
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({refreshToken: '<string>'})
};
fetch('https://api.bunship.com/api/v1/auth/refresh', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.bunship.com/api/v1/auth/refresh",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'refreshToken' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.bunship.com/api/v1/auth/refresh"
payload := strings.NewReader("{\n \"refreshToken\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.bunship.com/api/v1/auth/refresh")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"refreshToken\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.bunship.com/api/v1/auth/refresh")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"refreshToken\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expiresIn": 900
}
Auth
Refresh Token
Exchange a refresh token for a new token pair
POST
/
api
/
v1
/
auth
/
refresh
Refresh Token
curl --request POST \
--url https://api.bunship.com/api/v1/auth/refresh \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"refreshToken": "<string>"
}
'import requests
url = "https://api.bunship.com/api/v1/auth/refresh"
payload = { "refreshToken": "<string>" }
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({refreshToken: '<string>'})
};
fetch('https://api.bunship.com/api/v1/auth/refresh', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.bunship.com/api/v1/auth/refresh",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'refreshToken' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.bunship.com/api/v1/auth/refresh"
payload := strings.NewReader("{\n \"refreshToken\": \"<string>\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.bunship.com/api/v1/auth/refresh")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"refreshToken\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.bunship.com/api/v1/auth/refresh")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"refreshToken\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expiresIn": 900
}
Uses a valid refresh token to obtain a new access token and refresh token pair. The previous refresh token is invalidated (token rotation) to prevent replay attacks.
Auth
None required. The refresh token in the request body serves as authentication.Rate Limit
20 requests per minute per IP.Request Body
The refresh token received from a previous login or refresh response.
Response
New JWT access token. Expires in 15 minutes.
New JWT refresh token. Expires in 7 days. Store this for the next rotation.
Access token expiry in seconds (900).
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expiresIn": 900
}
Errors
| Status | Code | Description |
|---|---|---|
401 | AUTHENTICATION_ERROR | Refresh token is invalid, expired, or already used |
Example
curl -X POST https://api.bunship.com/api/v1/auth/refresh \
-H "Content-Type: application/json" \
-d '{
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}'
⌘I

