Pre-requisites
- You must have signed up for a MediaValet API Developer Account, subscribed to a plan and have been provided a ClientId and ClientSecret from MediaValet's Support Team.
- Check out the "Getting Started" section at https://docs.mediavalet.com/ to initiate your API setup process.
- Check out the "Getting Started" section at https://docs.mediavalet.com/ to initiate your API setup process.
- Your MediaValet - Guide Variables environment must have the ClientId, ClientSecret, Scope (the scope should be api offline_access), State and redirect_URI values configured.
- The base URL for all authentication requests is https://login.mediavalet.com
A refresh token is used to generate additional access tokens. This allows you to have short-lived access tokens without having to collect credentials every single time one expires. You request this token alongside the access and/or ID tokens as part of a user's initial authentication flow.
To refresh your access token as well as an ID token, you send a token request with a grant_type of
refresh_token
Request Parameters:
| Parameter | Description |
|---|---|
| client_id | Identifies the client and must match the value pre-registered with MediaValet. |
| client_secret | This client secret is used in conjunction with client_id to authenticate the client application. |
| code | The value is what was returned from the authorization endpoint. The code has a lifetime of 60 seconds. |
| grant_type | Can be one of the following: authorization_code or refresh_token. Determines the mechanism MediaValet uses to authorize the creation of the tokens. |
| redirect_uri | Required when grant_type is authorization_code. Specifies the callback location where the authorization was sent. This value must match the redirect_uri used to generate the original authorization_code. |
| refresh_token | Required when grant_type is refresh_token. The value is a valid refresh token that was returned from this endpoint previously. |
- From the Postman "Authentication" screen, ensure the Refresh Token URL value is set to
{{baseAuthURL}}/connect/token?grantype=refresh_token
- Make sure that the Scope is api offline_access
- Click the "Get New Access Token" orange button found at the bottom of the page. You will be prompted to input your MediaValet library's user account credentials from the pop-up window that appears
- Once successfully authenticated, click "Proceed" from the notification screen that appears in Postman and copy the value that appears in the refresh_token header as shown below:
- Open a new tab in Postman and perform a POST request against https://login.mediavalet.com/connect/token with the following values configured in the body
- refresh_token = {This should be the value that was copied from the authentication header}
- client_Id = Provided by MediaValet Support Team during setup
- client_secret = Provided by MediaValet Support Team during setup
- grant_type = refresh_token
An example of this can be seen below:
- In the response, you will then provided with a new Access_Token and refresh_token. The above steps can be completed continuously to provision new access tokens as needed to extend the lifespan of the authentication.