Skip to main content
POST
/
api
/
v1
/
auth
/
refresh
Refresh Token
curl --request POST \
  --url https://api.bunship.com/api/v1/auth/refresh \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "refreshToken": "<string>"
}
'
{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expiresIn": 900
}

Documentation Index

Fetch the complete documentation index at: https://docs.bunship.com/llms.txt

Use this file to discover all available pages before exploring further.

Uses a valid refresh token to obtain a new access token and refresh token pair. The previous refresh token is invalidated (token rotation) to prevent replay attacks.

Auth

None required. The refresh token in the request body serves as authentication.

Rate Limit

20 requests per minute per IP.

Request Body

refreshToken
string
required
The refresh token received from a previous login or refresh response.

Response

accessToken
string
New JWT access token. Expires in 15 minutes.
refreshToken
string
New JWT refresh token. Expires in 7 days. Store this for the next rotation.
expiresIn
number
Access token expiry in seconds (900).
{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expiresIn": 900
}

Errors

StatusCodeDescription
401AUTHENTICATION_ERRORRefresh token is invalid, expired, or already used

Example

curl -X POST https://api.bunship.com/api/v1/auth/refresh \
  -H "Content-Type: application/json" \
  -d '{
    "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
  }'