Use a long-lived refresh token (30 days) to silently obtain a new short-lived access token (1 hour) without requiring the user to log in again.
When to Use
- Desktop/iOS native clients whose access token has expired
- Automated token renewal in the background before API calls
- Any native client that received a refreshToken during login
Authentication Flow
If the refresh token is expired or invalid, the endpoint returns 401. The client should clear local auth state and redirect to the login screen.
refreshToken: The refresh token received during login (from /api/auth/jwt or the device authorization flow)
accessToken: New JWT access token (valid for 1 hour). Usage: Authorization: Bearer <accessToken>
expiresIn: Token validity in seconds: 3600 (1 hour)
curl --request POST \
  --url https://zeus.agentspro.cn/api/auth/refresh \
  --header 'Content-Type: application/json' \
  --data '{
    "refreshToken": "dGhpcyBpcyBhIHJlZnJlc2ggdG9rZW4..."
  }'
{
  "accessToken": "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9...",
  "expiresIn": 3600
}
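The renewal flow described above, sketched as a client-side token manager. This is an added example, not code from the API provider; the class and function names, the 60-second refresh margin, and the in-memory token storage are assumptions (a real native client would keep the refresh token in the OS credential store).

```python
import json, threading, time, urllib.error, urllib.request

REFRESH_URL = "https://zeus.agentspro.cn/api/auth/refresh"  # endpoint from the page

class LoginRequired(Exception):
    """The refresh token was rejected (401): show the login screen."""

def http_post(url, body):
    """Default transport: POST JSON, return (status, parsed body or None)."""
    req = urllib.request.Request(
        url, data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None

class TokenManager:  # hypothetical helper, not part of the documented API
    def __init__(self, refresh_token, post=http_post, clock=time.monotonic, skew=60):
        self._refresh_token = refresh_token
        self._post, self._clock, self._skew = post, clock, skew
        self._access_token, self._expires_at = None, 0.0
        self._lock = threading.Lock()  # one refresh at a time across threads

    def access_token(self):
        """Return a valid access token, renewing it shortly before expiry."""
        with self._lock:
            if self._refresh_token is None:
                raise LoginRequired("no refresh token stored")
            if self._access_token and self._clock() < self._expires_at - self._skew:
                return self._access_token
            status, body = self._post(REFRESH_URL, {"refreshToken": self._refresh_token})
            if status == 401:
                # Expired or invalid refresh token: clear all local auth state.
                self._refresh_token = self._access_token = None
                raise LoginRequired("refresh token expired or invalid")
            if status != 200 or not body or "accessToken" not in body:
                raise RuntimeError(f"refresh failed with HTTP {status}")
            self._access_token = body["accessToken"]
            self._expires_at = self._clock() + int(body.get("expiresIn", 0))
            return self._access_token

    def auth_header(self):
        return {"Authorization": f"Bearer {self.access_token()}"}
```

Errors other than 401 leave the stored refresh token in place, so a transient network or server failure does not force the user to log in again.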