{"type":"api","title":"Refresh Access Token","meta":{"id":"/apps/pubhub/media/cisco-security-cloud-control-api-documentation/bd3c22528ebef6d885e8228912d519f34bded077/93440196-979f-3e2d-8df3-11ca30919752","info":{"title":"Cisco Security Cloud Control Platform Management APIs","description":"Manage the organizations in Security Cloud Control.","contact":{"name":"Cloud Security Developer Community"},"version":"1.0.3"},"security":[{"bearerHttpAuthentication":[]}],"tags":[{"name":"Admin Groups","description":"Managing groups"},{"name":"Users","description":"Managing users"},{"name":"Roles","description":"Managing roles"},{"name":"Subscriptions","description":"Managing subscriptions"},{"name":"Organizations","description":"Managing organizations"},{"name":"Refresh Token","description":"Refresh the access token."}],"x-parser-conf":{"overview":{"markdownPath":"reference/overview-scc-organizations.md"}},"openapi":"3.1.0","servers":[{"url":"https://api.security.cisco.com/{basePath}","description":"Security Cloud Control (SCC) base server URL","variables":{"basePath":{"description":"API base path version","default":"v1"}}}],"securitySchemes":{"bearerHttpAuthentication":{"type":"http","description":"JWT Authorization header using the Bearer scheme. Example: 'Bearer {token}'.\nRequired scopes: security:enterprise:member (Read organizations),\nsecurity:enterprise:admin (Write organizations)\n","scheme":"bearer","bearerFormat":"JWT"},"refreshTokenAuth":{"type":"http","description":"Refresh token for obtaining a new access token","scheme":"bearer","bearerFormat":"JWT"}}},"spec":{"tags":["Refresh Token"],"summary":"Refresh Access Token","description":"Create a new access token using a refresh token for API key authentication.\n\nThe refresh token must be provided in the `Authorization` header as a Bearer token:\n\n```\nAuthorization: Bearer \u003crefresh_token\u003e\n```\nThe organization ID and API key ID are required path parameters.\n","operationId":"createToken","parameters":[{"name":"orgId","in":"path","description":"Unique identifier of the organization. This is a UUID string.","required":true,"schema":{"type":"string","minLength":1,"pattern":"^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$"},"example":"123e4567-e89b-12d3-a456-426614174000","$$ref":"#/components/parameters/orgId"},{"name":"apiKeyId","in":"path","description":"Unique identifier of the API key. This is a UUID string.","required":true,"schema":{"type":"string","minLength":1,"pattern":"^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$"},"example":"a1b2c3d4-e5f6-7890-abcd-ef1234567890","$$ref":"#/components/parameters/apiKeyId"}],"requestBody":{"description":"The form data containing the refresh token and grant type.","content":{"application/x-www-form-urlencoded":{"schema":{"type":"object","description":"Form data required to refresh an access token using a refresh token grant.","properties":{"grant_type":{"type":"string","description":"The grant type for the token request","example":"refresh_token"}},"required":["grant_type"],"$$ref":"#/components/schemas/RefreshTokenFormRequest"},"example":{"grant_type":"refresh_token"}}},"required":true},"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object","description":"The properties of the response that contain the new access token and related information.","example":{"access_token":"eyJhbGciOiJSUzI1NiJ9...","expires_in":64799,"refresh_token":"RjFhMGZkYzctYTI2My00Njc2LTgyMWUtZDljNjhjMGMyYTk0...","refresh_token_expires_in":5183999,"token_type":"Bearer"},"properties":{"access_token":{"type":"string","description":"The value of the access token used for API authentication.","example":"eyJhbGciOiJSUzI1NiJ9..."},"expires_in":{"type":"integer","format":"int32","description":"The time in seconds when the access token expires.","example":64799},"refresh_token":{"type":"string","description":"The value of the refresh token to use for future token refresh operations.","example":"RjFhMGZkYzctYTI2My00Njc2LTgyMWUtZDljNjhjMGMyYTk0..."},"refresh_token_expires_in":{"type":"integer","format":"int32","description":"The time in seconds when the refresh token expires.","example":5183999},"token_type":{"type":"string","default":"Bearer","description":"The type of the issued token.","example":"Bearer"},"permissions":{"type":"array","description":"List of permissions associated with the token.","items":{"type":"object","description":"Represents a permission associated with an access token, defining the role and scope of access for a specific product or service.","properties":{"roleId":{"type":"string","description":"Unique identifier for the role assigned to the user. This is a UUID string.","example":"27092051-0c68-411e-b62a-33bc807f3dbb"},"roleName":{"type":"string","description":"Full name of the role, including the product or service name.","example":"Security Cloud Control - Administrator"},"product":{"type":"string","description":"Name of the product or service to which this permission applies.","example":"Security Cloud Control"},"productKey":{"type":"string","description":"Unique key identifier for the product or service.","example":"enterprise"},"roleDisplayName":{"type":"string","description":"Human-readable display name for the role, typically shown in user interfaces.","example":"Organization Administrator"},"productInstanceId":{"type":"string","description":"Identifier for the specific instance of the product or service.","example":"enterprise-default-instance"},"roleType":{"type":"string","description":"Type of the role, indicating whether it's static (predefined) or dynamic (custom).","example":"static"},"applicationScopeIds":{"type":"array","description":"List of application scope identifiers that define the boundaries of access for this permission.","items":{"type":"string"}}},"$$ref":"#/components/schemas/Permission"}}},"required":["access_token","expires_in","refresh_token","refresh_token_expires_in","token_type"],"$$ref":"#/components/schemas/RefreshTokenResponse"}}}},"400":{"description":"Bad Request: The request was invalid or cannot be otherwise served. An accompanying error message will explain further.","headers":{"Content-Type":{"description":"The MIME content type of the response body.","schema":{"type":"string"},"example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"description":"The timestamp of the response.","schema":{"type":"string","pattern":"^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z$"},"example":"2025-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"Standard error response payload returned by the API.","properties":{"trackingId":{"type":"string","format":"uuid","description":"Unique identifier to help debug the flow.","example":"e722d145-7f32-4a73-986f-82f28c9bf6ce"},"message":{"type":"string","description":"Description of the error","example":"Description"},"timestamp":{"type":"string","format":"date-time","description":"Timestamp when the error occurred.","example":"2026-03-09T16:09:28.683007Z"},"statusCode":{"type":"integer","format":"int32","description":"HTTP status code for this error response.","example":400},"path":{"type":"string","description":"Request path that produced the error.","example":"/v1/organizations"}},"required":["message","path","statusCode","timestamp","trackingId"],"$$ref":"#/components/schemas/ErrorResponse"},"example":{"trackingId":"e722d145-7f32-4a73-986f-82f28c9bf6ce","message":"Bad Request","timestamp":"2026-03-09T16:09:28.683007Z","statusCode":400,"path":"/v1/{resource}"}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized: Authentication credentials were missing or incorrect.","headers":{"Content-Type":{"description":"The MIME content type of the response body.","schema":{"type":"string"},"example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"description":"The timestamp of the response.","schema":{"type":"string","pattern":"^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z$"},"example":"2025-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"Standard error response payload returned by the API.","properties":{"trackingId":{"type":"string","format":"uuid","description":"Unique identifier to help debug the flow.","example":"e722d145-7f32-4a73-986f-82f28c9bf6ce"},"message":{"type":"string","description":"Description of the error","example":"Description"},"timestamp":{"type":"string","format":"date-time","description":"Timestamp when the error occurred.","example":"2026-03-09T16:09:28.683007Z"},"statusCode":{"type":"integer","format":"int32","description":"HTTP status code for this error response.","example":400},"path":{"type":"string","description":"Request path that produced the error.","example":"/v1/organizations"}},"required":["message","path","statusCode","timestamp","trackingId"],"$$ref":"#/components/schemas/ErrorResponse"},"example":{"trackingId":"e722d145-7f32-4a73-986f-82f28c9bf6ce","message":"Unauthorized","timestamp":"2026-03-09T16:09:28.683007Z","statusCode":401,"path":"/v1/{resource}"}}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden: The request is understood, but it has been refused or access is not allowed.","headers":{"Content-Type":{"description":"The MIME content type of the response body.","schema":{"type":"string"},"example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"description":"The timestamp of the response.","schema":{"type":"string","pattern":"^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z$"},"example":"2025-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"Standard error response payload returned by the API.","properties":{"trackingId":{"type":"string","format":"uuid","description":"Unique identifier to help debug the flow.","example":"e722d145-7f32-4a73-986f-82f28c9bf6ce"},"message":{"type":"string","description":"Description of the error","example":"Description"},"timestamp":{"type":"string","format":"date-time","description":"Timestamp when the error occurred.","example":"2026-03-09T16:09:28.683007Z"},"statusCode":{"type":"integer","format":"int32","description":"HTTP status code for this error response.","example":400},"path":{"type":"string","description":"Request path that produced the error.","example":"/v1/organizations"}},"required":["message","path","statusCode","timestamp","trackingId"],"$$ref":"#/components/schemas/ErrorResponse"},"example":{"trackingId":"e722d145-7f32-4a73-986f-82f28c9bf6ce","message":"Forbidden","timestamp":"2026-03-09T16:09:28.683007Z","statusCode":403,"path":"/v1/{resource}"}}},"$$ref":"#/components/responses/403Error"},"500":{"description":"Internal Server Error: Something went wrong on the server. If the issue persists, feel free to contact the Cisco Security Cloud Control support team with the trackingId provided in the response header.","headers":{"Content-Type":{"description":"The MIME content type of the response body.","schema":{"type":"string"},"example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"description":"The timestamp of the response.","schema":{"type":"string","pattern":"^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z$"},"example":"2025-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"Standard error response payload returned by the API.","properties":{"trackingId":{"type":"string","format":"uuid","description":"Unique identifier to help debug the flow.","example":"e722d145-7f32-4a73-986f-82f28c9bf6ce"},"message":{"type":"string","description":"Description of the error","example":"Description"},"timestamp":{"type":"string","format":"date-time","description":"Timestamp when the error occurred.","example":"2026-03-09T16:09:28.683007Z"},"statusCode":{"type":"integer","format":"int32","description":"HTTP status code for this error response.","example":400},"path":{"type":"string","description":"Request path that produced the error.","example":"/v1/organizations"}},"required":["message","path","statusCode","timestamp","trackingId"],"$$ref":"#/components/schemas/ErrorResponse"},"example":{"trackingId":"e722d145-7f32-4a73-986f-82f28c9bf6ce","message":"Internal Server Error","timestamp":"2026-03-09T16:09:28.683007Z","statusCode":500,"path":"/v1/{resource}"}}},"$$ref":"#/components/responses/500Error"}},"security":[{"refreshTokenAuth":[]}],"method":"post","path":"/organizations/{orgId}/apiKeys/{apiKeyId}/token"}}