As part of both authentication flows, you will be working with access tokens and refresh tokens.
Authorization: OAuth <access token>
If the request yields an error response due to an expired token, the refresh token can be used to get a new access token.
If the request yields an error because an access token has been revoked, the client application must be re-authorized by the user in order to gain access.
If the client application has a refresh token, it can use it to send a request for a new access token.
|grant_type||Value must be refresh_token for this flow.|
|refresh_token||The refresh token the client application already received.|
|client_id||Consumer key from the connected app definition.|
|client_secret||Consumer secret from the connected app definition.|
|format||Expected return format. The default is json. Values are:
If this request is successful, the server returns a payload holding the access_token.