How to Refresh Customer Token
Once the customer is logged in, a token is generated, and the customer must use that token to access app pages and content. The token's time to live is 24 minutes (1440 seconds); after 24 minutes the token expires. The time to refresh the token after expiration is 30 days (2628000 seconds).
An expired token is not necessarily unusable.
When a token expires, it can be refreshed within 30 days with the following endpoint:
Request
| Attribute | Type | Example Value | Description |
|---|---|---|---|
| Authorization HTTP header | string | "Bearer {customer_account_token}" | JWT Token of Customer Account |
```json
{
  "method": "get",
  "url": "https://api-public-playground.menu.app/api/customers/refresh",
  "headers": {
    "X-Request-ID": "69da3547-204b-4093-a225-54e084c24215",
    "Application": "f3a90488ffee32c3acb6fcd0ca417cf6",
    "Api-Version": "4.38.0",
    "Content-Type": "application/json",
    "Device-UUID": "1287796",
    "Authorization": "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzZXRSZWZyZXNoVFRMIjoyNjI4MDAwLCJpc3MiOiJodHRwczovL2FwaS1wdWJsaWMtcGxheWdyb3VuZC5tZW51LmFwcC9hcGkvY3VzdG9tZXJzL2xvZ2luIiwiaWF0IjoxNjkzMjA3MjA1LCJleHAiOjE2OTMyMTA4MDUsIm5iZiI6MTY5MzIwNzIwNSwianRpIjoiZUNUNGlZcVZKTGFmdlNIYSIsInN1YiI6IjUwOTA5NzYiLCJwcnYiOiJjYzMyOTIxYTE1NDgwYTExN2Q5YmJjNzJjMGUxMjU2YTY4NTI0NThiIiwiYXBwbGljYXRpb25faWQiOjIxNDQsInNlc3Npb25faWQiOjI4MzUwfQ.0WWTS1RxwPELOPIHV6MAB-XYQCsG7ocS1XvRvc5Vc6w"
  }
}
```
Response
```json
{
  "status": "OK",
  "code": 200,
  "data": {
    "customer_account": {
      "id": "8100bab1-267e-41ae-8592-c229253b0129",
      "type_id": 1,
      "reference_type": "CustomerAccount",
      "first_name": "Jonh",
      "last_name": "Doe",
      "email": "john.doe@gmail.com",
      "phone_number": "+15852826525",
      "locale": "en-US",
      "state": 1,
      "demographics": [],
      "optin_status_email": 3,
      "optin_status_pn": 3,
      "has_pending_email_change": false,
      "has_pending_phone_number_change": false,
      "is_social": false,
      "social_login": null,
      "updated_at": "2023-08-28 07:29:58",
      "created_at": "2023-08-25 12:10:33"
    },
    "token": {
      "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2FwaS1wdWJsaWMtcGxheWdyb3VuZC5tZW51LmFwcC9hcGkvY3VzdG9tZXJzL3JlZnJlc2giLCJpYXQiOjE2OTMyMDcyMDUsImV4cCI6MTY5MzIxMTgwOSwibmJmIjoxNjkzMjA4MjA5LCJqdGkiOiJxcFluSXQxSVVZOEFnSnVqIiwic2V0UmVmcmVzaFRUTCI6MjYyODAwMCwic3ViIjoiNTA5MDk3NiIsInBydiI6ImNjMzI5MjFhMTU0ODBhMTE3ZDliYmM3MmMwZTEyNTZhNjg1MjQ1OGIiLCJhcHBsaWNhdGlvbl9pZCI6MjE0NCwic2Vzc2lvbl9pZCI6MjgzNTB9.BHtPDBaiMtWZyi99_dZYnDgSJzsHuMtoIbDiF0z9gco",
      "ttl": 60,
      "refresh_ttl": 2628000,
      "issued_token_type": "access_token",
      "token_type": "Bearer"
    }
  }
}
```
Refreshing exchanges an old, expired token for a new one, and can also be used just to invalidate the old one. You can also refresh a token that has not yet expired if you want a new one for some other reason.
A token is invalidated when you refresh it into a new one or when you explicitly invalidate it (for example, when logging out).
If the token is not refreshed within the provided time, the customer will have to log in again.
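The client-side decision described above (keep using the token, refresh it, or send the customer back to login), as an added example that is not part of the original documentation. The function names, the 30-second skew and the constructed sample token are assumptions; the refresh window is counted from the `exp` claim, following the text above, and the server remains authoritative.

```javascript
// Decodes the JWT payload WITHOUT verifying the signature: acceptable for
// client-side scheduling only, never for an authorization decision.
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const claims = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
  if (!Number.isInteger(claims.exp)) throw new Error("JWT has no numeric exp claim");
  return claims;
}

// refreshTtl: "refresh_ttl" from the response's token object, taken as seconds
// counted from expiry, as the page describes (assumption; server decides).
// skewSec (hypothetical parameter) refreshes slightly early to absorb clock drift.
function tokenState(token, refreshTtl, nowSec = Math.floor(Date.now() / 1000), skewSec = 30) {
  const { exp } = decodeJwtPayload(token);
  if (nowSec < exp - skewSec) return "valid";
  if (nowSec < exp + refreshTtl) return "refresh";
  return "login";
}

// Request config for the refresh endpoint shown on the page.
function buildRefreshRequest(token, baseHeaders = {}) {
  return {
    method: "get",
    url: "https://api-public-playground.menu.app/api/customers/refresh",
    headers: { ...baseHeaders, Authorization: `Bearer ${token}` },
  };
}

// Constructed sample token with a placeholder signature, for the demo only.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
  return `${enc({ typ: "JWT", alg: "HS256" })}.${enc(claims)}.constructed-signature`;
}

const sample = makeSampleToken({ iat: 1700000000, exp: 1700001440, sub: "0000000" });
for (const now of [1700000100, 1700001500, 1700001440 + 2628000]) {
  console.log(now, tokenState(sample, 2628000, now));
}
```

Because refreshing invalidates the old token, replace the stored token with `data.token.value` from the response as soon as the refresh succeeds.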