Refresh Token

curl --request POST \
  --url http://localhost:8000/auth/refresh

{
  "access_token": "<string>",
  "expires_in": 123,
  "user_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "role": "<string>",
  "token_type": "bearer",
  "tenant_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
}

Authentication

Refresh Token

Re-issue a JWT for the currently authenticated user, extending expiry.

Validates the existing token via the standard auth dependency and issues a fresh token with the same user/tenant/role context. The old token remains valid until its original exp claim, but the client must use the new one from this point forward.

Args: user_id: Authenticated user ID (resolved from current JWT) current_user: Full user context including tenant_id and role

Returns: TokenResponse: New JWT with extended expiry

Raises: HTTPException 401: If the request carries no valid token

POST

auth

refresh

Refresh Token

curl --request POST \
  --url http://localhost:8000/auth/refresh

{
  "access_token": "<string>",
  "expires_in": 123,
  "user_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "role": "<string>",
  "token_type": "bearer",
  "tenant_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
}

Headers

authorization

string | null

x-api-key

string | null

x-tenant-id

string | null

Cookies

factio_access_token

string | null

Response

Successful Response

access_token

string

required

JWT access token

expires_in

integer

required

Token expiration time in seconds

user_id

string<uuid>

required

User's unique identifier

role

string

required

User's role in the tenant

token_type

string

default:bearer

Token type

tenant_id

string<uuid> | null

Active tenant ID

Change Password Link Google Account