Refresh token is not provided when refreshing an access token

YannHerren · August 5, 2021, 9:09am

Hello,

I’m currently trying to implement a refreshing mechanism for the Jira Rest API in my application. The first time I authorize a user, I’m receiving both an access token and a refresh token. However, when I’m trying to renew an access token with a refresh token, another refresh token won’t be provided. According to the documentation the scope “offline_access” needs to be added, which I did. Still, I don’t get another refresh token.

Renewal request:

{
    "grant_type": "refresh_token",
    "client_id": "<my-client-id>",
    "client_secret": "<my-client-secret>",
    "refresh_token": "<refresh-token>"
}

Response (refresh token missing):

{
    "access_token": "<new-access-token>",
    "scope": "write:jira-work read:jira-work read:jira-user offline_access",
    "expires_in": 3600,
    "token_type": "Bearer"
}

Am I missing something?
Thanks for any help in advance.

ibuchanan · August 5, 2021, 11:20am

@YannHerren,

It seems the documentation is missing a key point about the settings in the developer console about refresh tokens:

Select your integration in the developer console .
Select Authorization .
Select Use rotating refresh tokens from the refresh token options.
Save your changes.

For more context, see this recent post:

YannHerren · August 5, 2021, 12:00pm

Thanks a lot! I wasn’t aware of the breaking changes. But this will definitely solve the problem.