### Initiate OAuth 2.0 Authorization Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Redirect the user-agent to this endpoint to start the OAuth 2.0 flow. Include your client ID, redirect URI, response type, and state. Optional parameters include language and redirect type for iframe usage. ```url https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=code&state=kjfgierwgn ``` ```url https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=code&state=kjfgierwgn&redirect_type=iframe ``` ```url https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=code&state=kjfgierwgn&lang=hu ``` -------------------------------- ### Access Token Refresh Response Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md This is an example of a successful response when an access token is refreshed. The authorization server may issue a new refresh token. ```json { "user_id": 1, "access_token": "1f962bd5-7890-435d-b619-584b6aa32e6c", "expires_in": 3600, "token_type": "Bearer", "refresh_token": "3a6b45b8-9d29-4cba-8a1b-0093e8a2b933" } ``` -------------------------------- ### API Error Response Format Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md The API returns JSON errors with appropriate HTTP status codes. This example shows an unauthorized access error. ```http HTTP/1.1 401 Unauthorized Content-Type: application/json; charset=utf-8 Connection: keep-alive Host: www.myminifactory.com { "error": "access_denied", "error_description": "OAuth2 authentication required" } ``` -------------------------------- ### Check Object Upload Status Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md Use this GET request to check the status of an object upload. If a file is missing, its upload_id can be used to re-upload it. ```http GET /api/v2/object/{id}/upload_status HTTP/1.1 Authorization: Bearer 79f4bd9c-5fa0-4415-819a-eabe28163108 Host: www.myminifactory.com Content-Type: application/json; charset=utf-8 ``` -------------------------------- ### Introspect Token using cURL Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Make a request to the introspect endpoint to get meta-information about an access or refresh token. Include a token type hint for clarity. ```bash curl --compressed -v https://auth.myminifactory.com/v1/oauth/introspect \ -u test_client:test_secret \ -d "token=1f962bd5-7890-435d-b619-584b6aa32e6c" \ -d "token_type_hint=access_token" ``` -------------------------------- ### Create Object Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md Post basic information to create an object and specify the files to be uploaded. This step returns an object ID and upload IDs for each file. ```APIDOC ## POST /api/v2/object ### Description Post basic information to create an object and send the list of files that will be uploaded. The response will contain an object id and upload ids for each files requested to be uploaded. ### Method POST ### Endpoint /api/v2/object ### Parameters #### Request Body - **name** (string) - Required - Object name - **description** (string) - Optional - Description of the object, can contain links - **source_url** (string) - Optional - Source URL for the object (client application link) - **tags** (string) - Optional - Comma separated list of words - **files** (array) - Required - An object must contain at least one file - **filename** (string) - Required - Filename of the file that will be upload - **bytes** (integer) - Optional - Size in Bytes of the file (< 100MB) ### Request Example ```json { "name": "Well Designed Teapot", "description": "This Well designed teapot", "source_url": "https://example.com/teapot", "tags": "tea, teapot", "files": [ { "filename": "teapot.stl", "bytes": "44784" } ] } ``` ### Response #### Success Response (200) - **id** (integer) - MyMiniFactory id of the object - **name** (string) - Object name - **object_status_url** (string) - MyMiniFactory URL to track the status and curation process of the object - **object_url** (string) - MyMiniFactory URL of the object page - **files** (array) - List of files to be uploaded - **upload_id** (string) - Unique identifier to upload the file - **filename** (string) - Filename of the file to be uploaded #### Response Example ```json { "id": 42, "name": "Well Designed Teapot", "object_status_url": "https://myminifactory.com/curation/status/42", "object_url": "https://myminifactory.com/object/well-designed-teapot-42", "files": [ { "upload_id": "1589466a6a50a3", "filename": "teapot.stl" } ] } ``` ``` -------------------------------- ### Create Object Request Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md Send basic object information and a list of files to create an object. The response includes an object ID and upload IDs for each file. ```http POST /api/v2/object HTTP/1.1 Authorization: Bearer 79f4bd9c-5fa0-4415-819a-eabe28163108 Content-Type: application/json; charset=utf-8 Content-Length: 192 { "name": "Well Designed Teapot", "description": "This Well designed teapot", "source_url": "https://example.com/teapot", "tags": "tea, teapot", "files": [ { "filename": "teapot.stl", "bytes": "44784" } ] } ``` -------------------------------- ### Create Object Response Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md Response after creating an object, containing the MyMiniFactory object ID and upload IDs for the files to be uploaded. ```json HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Host: www.myminifactory.com { "id": 42, "name": "Well Designed Teapot", "object_status_url": "https://myminifactory.com/curation/status/42", "object_url": "https://myminifactory.com/object/well-designed-teapot-42", "files": [ { "upload_id": "1589466a6a50a3", "filename": "teapot.stl" } ] } ``` -------------------------------- ### Implicit Grant Authorization Request URLs Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Construct these URLs to initiate the implicit grant flow. Ensure 'client_id', 'redirect_uri', and 'state' are correctly set. The 'response_type' must be 'token'. Optional parameters like 'lang' and 'redirect_type' can be included. ```url https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=token&state=kjfgierwgn ``` ```url https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=token&state=kjfgierwgn&redirect_type=iframe ``` ```url https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=token&state=kjfgierwgn&lang=hu ``` -------------------------------- ### Handle Authorization Code Callback Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md This is the URI your callback route will receive after the user grants authorization. It contains the authorization code and the state parameter. ```url http://yoursite.com/callback?code=39835c5e-9576-4b44-b3da-dd9d5a14af94&state=kjfgierwgn ``` -------------------------------- ### Successful Object Upload Response Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md This is the expected response after a successful object upload initiation. It confirms the filename that was processed. ```http HTTP/1.1 201 Created Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Host: www.myminifactory.com { "filename": "teapot.stl" } ``` -------------------------------- ### Handle Authorization Error Callback Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md If the resource owner denies access or an error occurs, the authorization server will redirect back with an error parameter in the URI. ```url http://yoursite.com/callback?error=access_denied&state=kjfgierwgn ``` -------------------------------- ### Implicit Grant Authorization Request Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Initiates the implicit grant flow by directing the user-agent to the authorization endpoint with necessary parameters. ```APIDOC ## GET /web/authorize ### Description Initiates the implicit grant flow by directing the user-agent to the authorization endpoint. ### Method GET ### Endpoint https://auth.myminifactory.com/web/authorize ### Parameters #### Query Parameters - **client_id** (string) - Required - Your MyMiniFactory client ID - **redirect_uri** (string) - Required - Your callback route which handles the authorization code - **response_type** (string) - Required - Must be `token` - **state** (string) - Required - A random string for avoiding XSS attacks - **lang** (string) - Optional - Language of the site (Supported: `en`,`hu`,`fr`,`sp`) - **redirect_type** (string) - Optional - Use `iframe` if the authservice is used as an iframe ### Request Example - Basic: `https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=token&state=kjfgierwgn` - Iframe: `https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=token&state=kjfgierwgn&redirect_type=iframe` - With Language: `https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=token&state=kjfgierwgn&lang=hu` ### Response #### Success Response (Redirection) Upon successful authorization, the user-agent is redirected to the `redirect_uri` with the access token and other details in the URL fragment. #### Response Example `http://yoursite.com/#access_token=4d3999a3-b276-4dc5-92f0-05cb905cd82b&expires_in=21600&state=somestate&token_type=Bearer` ``` -------------------------------- ### Refresh Access Token using cURL Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Use this command to refresh an access token when a refresh token is available. Ensure client authentication is included if required. ```bash curl --compressed -v https://auth.myminifactory.com/v1/oauth/tokens \ -u test_client:test_secret \ -d "grant_type=refresh_token" \ -d "refresh_token=6fd8d272-375a-4d8a-8d0f-43367dc8b791" ``` -------------------------------- ### Authorize Endpoint Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Initiates the OAuth 2.0 flow by directing the user-agent to the authorization endpoint. Clients include their client ID, requested scope, local state, and a redirection URI. ```APIDOC ## GET /web/authorize ### Description Initiates the OAuth 2.0 authorization flow. ### Method GET ### Endpoint https://auth.myminifactory.com/web/authorize ### Parameters #### Query Parameters - **client_id** (string) - Required - Your MyMiniFactory client ID - **redirect_uri** (string) - Required - Your callback route which handles the authorization code - **response_type** (string) - Required - It should be `code` - **state** (string) - Required - Some random string for avoid XSS attack - **lang** (string) - Optional - Language of the site (Supported languages: `en`,`hu`,`fr`,`sp`) - **redirect_type** (string) - Optional - Use `iframe` if the authservice is used as an iframe ### Request Example - Basic implementation: `https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=code&state=kjfgierwgn` - Iframe implementation: `https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=code&state=kjfgierwgn&redirect_type=iframe` - Implementation with language: `https://auth.myminifactory.com/web/authorize?client_id=test_client&redirect_uri=http://yoursite.com/callback&response_type=code&state=kjfgierwgn&lang=hu` ``` -------------------------------- ### Request Access Token with Authorization Code Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Use this cURL command to exchange the authorization code for an access token. Authenticate with your client ID and secret, and include the grant type, code, and redirect URI. ```curl curl --compressed -v https://auth.myminifactory.com/v1/oauth/tokens \ -u test_client:test_secret \ -d "grant_type=authorization_code" \ -d "code=39835c5e-9576-4b44-b3da-dd9d5a14af94" \ -d "redirect_uri=http://yoursite.com/callback" ``` -------------------------------- ### Post File Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md Upload the actual file content using the provided upload_id. The request body should only contain the file's binary data. ```APIDOC ## POST /api/v2/file ### Description Using the given `upload_id`, post the post the actual file. This request must only contain the content of the file. Therefore, the `Content-Length` header the should be the size of the file. ### Method POST ### Endpoint /api/v2/file ### Parameters #### Query Parameters - **upload_id** (string) - Required - Unique identifier to upload the file ### Request Example ``` POST /api/v2/file?upload_id=1589466a6a50a3 HTTP/1.1 Authorization: Bearer 79f4bd9c-5fa0-4415-819a-eabe28163108 Host: www.myminifactory.com Content-Type: application/octet-stream Content-Length: 44784 Content-Disposition: filename="teapot.stl" BINARY_FILE_DATA ``` ``` -------------------------------- ### Implicit Grant Redirect Response Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md This is the expected format of the redirect URI after a successful implicit grant authorization. It contains the access token and other relevant information in the URL fragment. ```url http://yoursite.com/#access_token=4d3999a3-b276-4dc5-92f0-05cb905cd82b&expires_in=21600&state=somestate&token_type=Bearer ``` -------------------------------- ### Access Token Response Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md The authorization server responds with an access token, its expiration time, token type, and optionally a refresh token upon successful validation of the authorization code. ```json { "user_id": 1, "access_token": "00ccd40e-72ca-4e79-a4b6-67c95e2e3f1c", "expires_in": 3600, "token_type": "Bearer", "refresh_token": "6fd8d272-375a-4d8a-8d0f-43367dc8b791" } ``` -------------------------------- ### Upload File Request Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md Post the actual file content using the provided upload_id. The Content-Length header must match the file size. ```http POST /api/v2/file?upload_id=1589466a6a50a3 HTTP/1.1 Authorization: Bearer 79f4bd9c-5fa0-4415-819a-eabe28163108 Host: www.myminifactory.com Content-Type: application/octet-stream Content-Length: 44784 Content-Disposition: filename="teapot.stl" BINARY_FILE_DATA ``` -------------------------------- ### Check Upload Status Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md Query this endpoint to ensure the operation is finished and all files have been correctly uploaded. If a file is missing, you can use Step 2 with its upload_id to upload it again. ```APIDOC ## GET /api/v2/object/{id}/upload_status ### Description Checks the upload status of an object. ### Method GET ### Endpoint /api/v2/object/{id}/upload_status ### Parameters #### Path Parameters - **id** (string) - Required - MyMiniFactory id of the object #### Query Parameters None #### Request Body None ### Request Example ```http GET /api/v2/object/42/upload_status HTTP/1.1 Authorization: Bearer 79f4bd9c-5fa0-4415-819a-eabe28163108 Host: www.myminifactory.com Content-Type: application/json; charset=utf-8 ``` ### Response #### Success Response (200) - **id** (string) - MyMiniFactory id of the object - **name** (string) - Object name - **object_status_url** (string) - MyMiniFactory URL to track the status and curation process of the object - **object_url** (string) - MyMiniFactory URL of the object page - **files** (array) - List to-be-uploaded files and their upload status - **upload_id** (string) - Unique identifier to re-upload the file - **filename** (string) - Filename of the file - **status** (string) - The different status values are `pending`, `failed`, `done` #### Response Example ```json { "id": "42", "name": "Well Designed Teapot", "object_status_url": "https://myminifactory.com/curation/status/42", "object_url": "https://myminifactory.com/object/well-designed-teapot-42", "files": [ { "upload_id": "1589466a6a50a3", "filename": "teapot.stl", "status": "uploaded" } ] } ``` #### Error Response format ```http HTTP/1.1 401 Unauthorized Content-Type: application/json; charset=utf-8 Connection: keep-alive Host: www.myminifactory.com { "error": "access_denied", "error_description": "OAuth2 authentication required" } ``` - **error** (string) - Error code string - **error_description** (string) - Detailed description of the error ``` -------------------------------- ### Mobile Login Expected Response Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md The expected JSON response after revoking the access token for mobile users. It includes a new, longer-lived access token or an error object. ```json { "user_id": USER_ID, "access_token": NEW_ACCESS_TOKEN, "expires_in": 7200, "token_type": "Bearer" } or { "error": ERROR } ``` -------------------------------- ### Refresh Access Token (Mobile) Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Refreshes the access token for mobile users, providing a new token with a 2-hour expiry. ```APIDOC ## POST /v1/oauth/mobile/refresh ### Description Refreshes an existing access token for mobile users, issuing a new token with a 2-hour expiry. ### Method POST ### Endpoint https://auth.myminifactory.com/v1/oauth/mobile/refresh ### Parameters #### Request Body - **client_key** (string) - Required - Your MyMiniFactory client key - **access_token** (string) - Required - The old access token to refresh - **device_id** (string) - Required - The device ID, which must match the one used during login ### Request Example ```curl curl --compressed -v https://auth.myminifactory.com/v1/oauth/mobile/refresh \ -d "client_key=YOUR_CLIENT_KEY" \ -d "access_token=OLD_ACCESS_TOKEN" \ -d "device_id=ID_OF_THE_DEVICE" ``` ### Response #### Success Response (200) Returns a new access token with a 2-hour expiry. - **user_id** (string) - The ID of the user - **access_token** (string) - The new access token - **expires_in** (integer) - Expiry time in seconds (7200 for 2 hours) - **token_type** (string) - Type of the token (e.g., `Bearer`) #### Error Response (4xx/5xx) - **error** (string) - Description of the error #### Response Example ```json { "user_id": USER_ID, "access_token": NEW_ACCESS_TOKEN, "expires_in": 7200, "token_type": "Bearer" } ``` ``` -------------------------------- ### Token Endpoint Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Exchanges an authorization code for an access token and optionally a refresh token. This endpoint is optimized for confidential clients. ```APIDOC ## POST /v1/oauth/tokens ### Description Exchanges an authorization code for an access token and refresh token. ### Method POST ### Endpoint https://auth.myminifactory.com/v1/oauth/tokens ### Parameters #### Request Body - **grant_type** (string) - Required - Must be `authorization_code` - **code** (string) - Required - The authorization code received from the authorize endpoint - **redirect_uri** (string) - Required - The callback route used to obtain the authorization code ### Request Example ```bash curl --compressed -v https://auth.myminifactory.com/v1/oauth/tokens \ -u test_client:test_secret \ -d "grant_type=authorization_code" \ -d "code=39835c5e-9576-4b44-b3da-dd9d5a14af94" \ -d "redirect_uri=http://yoursite.com/callback" ``` ### Response #### Success Response (200) - **user_id** (integer) - The ID of the authenticated user - **access_token** (string) - The access token for API requests - **expires_in** (integer) - The lifetime in seconds of the access token - **token_type** (string) - The type of token, typically `Bearer` - **refresh_token** (string) - The token used to obtain a new access token #### Response Example ```json { "user_id": 1, "access_token": "00ccd40e-72ca-4e79-a4b6-67c95e2e3f1c", "expires_in": 3600, "token_type": "Bearer", "refresh_token": "6fd8d272-375a-4d8a-8d0f-43367dc8b791" } ``` ``` -------------------------------- ### Refresh Access Token (Mobile Implicit Grant) Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Refresh the access token for mobile clients. This requires the client key, the old access token, and the device ID used during login. It provides a new access token with a 2-hour expiry. ```curl curl --compressed -v https://auth.myminifactory.com/v1/oauth/mobile/refresh \ -d "client_key=YOUR_CLIENT_KEY" \ -d "access_token=OLD_ACCESS_TOKEN" \ -d "device_id=ID_OF_THE_DEVICE" ``` -------------------------------- ### Successful Upload Status Response Source: https://github.com/myminifactory/api-documentation/blob/master/upload-instructions.md This response indicates the status of an object's files. If a file's status is 'pending' or 'failed', it can be re-uploaded using its upload_id. ```http HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Host: www.myminifactory.com { "id": "42", "name": "Well Designed Teapot", "object_status_url": "https://myminifactory.com/curation/status/42", "object_url": "https://myminifactory.com/object/well-designed-teapot-42", "files": [ { "upload_id": "1589466a6a50a3", "filename": "teapot.stl", "status": "uploaded" } ] } ``` -------------------------------- ### Revoke Access Token (Mobile Login) Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md For mobile clients, this endpoint revokes the initial short-lived access token and obtains a new one with a 2-hour expiry. ```APIDOC ## POST /v1/oauth/mobile/login ### Description Revokes the initial access token obtained via implicit grant for mobile users and issues a new one with a 2-hour expiry. ### Method POST ### Endpoint https://auth.myminifactory.com/v1/oauth/mobile/login ### Parameters #### Request Body - **client_key** (string) - Required - Your MyMiniFactory client key - **access_token** (string) - Required - The initial access token obtained from the implicit grant - **device_info** (object) - Required - Information about the device - **device_id** (string) - Required - ID of the device - **manufacturer** (string) - Required - Manufacturer of the device - **device_model** (string) - Required - Model of the device - **locale** (string) - Required - Locale of the device - **user_agent** (string) - Required - User agent string ### Request Example ```curl curl --compressed -v https://auth.myminifactory.com/v1/oauth/mobile/login \ -d "client_key=YOUR_CLIENT_KEY" \ -d "access_token=ACCESS_TOKEN" \ -d 'device_info={"device_id":"ID_OF_THE_DEVICE","manufacturer":"DEVICE","device_model":"MODEL","locale":"LOCALE","user_agent":"USER_AGENT"}' ``` ### Response #### Success Response (200) Returns a new access token with a 2-hour expiry. - **user_id** (string) - The ID of the user - **access_token** (string) - The new access token - **expires_in** (integer) - Expiry time in seconds (7200 for 2 hours) - **token_type** (string) - Type of the token (e.g., `Bearer`) #### Error Response (4xx/5xx) - **error** (string) - Description of the error #### Response Example ```json { "user_id": USER_ID, "access_token": NEW_ACCESS_TOKEN, "expires_in": 7200, "token_type": "Bearer" } ``` ``` -------------------------------- ### Token Introspection Response Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md This JSON object contains meta-information about the token, including its active status, client ID, and expiration time. ```json { "active": true, "client_id": "test_client", "username": "test@username", "token_type": "Bearer", "exp": 1454868090 } ``` -------------------------------- ### Access Token Introspection Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Clients can query the introspect endpoint to retrieve meta-information about an issued access token or refresh token. This is useful for validating token status and associated details. ```APIDOC ## POST /v1/oauth/introspect ### Description Introspects an access token or refresh token to retrieve its meta-information. ### Method POST ### Endpoint https://auth.myminifactory.com/v1/oauth/introspect ### Parameters #### Query Parameters - **token** (string) - Required - The token to introspect. - **token_type_hint** (string) - Optional - A hint as to whether the token is an "access_token" or "refresh_token". ### Request Example ```curl curl --compressed -v https://auth.myminifactory.com/v1/oauth/introspect \ -u test_client:test_secret \ -d "token=1f962bd5-7890-435d-b619-584b6aa32e6c" \ -d "token_type_hint=access_token" ``` ### Response #### Success Response (200) - **active** (boolean) - Indicates if the token is currently active. - **client_id** (string) - The client ID associated with the token. - **username** (string) - The username associated with the token (if applicable). - **token_type** (string) - The type of the token (e.g., "Bearer"). - **exp** (integer) - The expiration timestamp of the token. #### Response Example ```json { "active": true, "client_id": "test_client", "username": "test@username", "token_type": "Bearer", "exp": 1454868090 } ``` ``` -------------------------------- ### Refresh Access Token Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md Clients can refresh an expired access token by sending a refresh token to the token endpoint. The server validates the refresh token and issues a new access token, potentially a new refresh token as well. ```APIDOC ## POST /v1/oauth/tokens ### Description Refreshes an access token using a valid refresh token. ### Method POST ### Endpoint https://auth.myminifactory.com/v1/oauth/tokens ### Parameters #### Query Parameters - **grant_type** (string) - Required - Must be "refresh_token". - **refresh_token** (string) - Required - The refresh token to use for obtaining a new access token. ### Request Example ```curl curl --compressed -v https://auth.myminifactory.com/v1/oauth/tokens \ -u test_client:test_secret \ -d "grant_type=refresh_token" \ -d "refresh_token=6fd8d272-375a-4d8a-8d0f-43367dc8b791" ``` ### Response #### Success Response (200) - **user_id** (integer) - The ID of the user associated with the token. - **access_token** (string) - The newly issued access token. - **expires_in** (integer) - The lifetime in seconds of the access token. - **token_type** (string) - The type of token, typically "Bearer". - **refresh_token** (string) - An optional new refresh token. If provided, the client must use this new token and discard the old one. #### Response Example ```json { "user_id": 1, "access_token": "1f962bd5-7890-435d-b619-584b6aa32e6c", "expires_in": 3600, "token_type": "Bearer", "refresh_token": "3a6b45b8-9d29-4cba-8a1b-0093e8a2b933" } ``` ``` -------------------------------- ### Revoke Access Token (Mobile Implicit Grant) Source: https://github.com/myminifactory/api-documentation/blob/master/oauth2-instructions.md For mobile clients, revoke the initial short-lived access token by sending device information. This allows you to obtain a new, longer-lived access token. ```curl curl --compressed -v https://auth.myminifactory.com/v1/oauth/mobile/login \ -d "client_key=YOUR_CLIENT_KEY" \ -d "access_token=ACCESS_TOKEN" \ -d 'device_info={"device_id":"ID_OF_THE_DEVICE","manufacturer":"DEVICE","device_model":"MODEL","locale":"LOCALE","user_agent":"USER_AGENT"}' ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.