0.1.0
π
Quickstart Guides
π
SDK Reference
π‘οΈ Protecting Your Account
ποΈ Getting Access Token
Renewing Expired Tokens
Access Tokens and ID Tokens are valid for 1 hour. To generate new tokens, you need to use the Refresh Token.
Renewing Tokens using the SDK
Cotter's SDK generally handles this for you. Check the availability below.
React Native
JavaScript (from npm)
Flutter
Other SDKs (coming soon)
β
Cotter's JavaScript SDK (from npm) automatically renews your
access_token and id_token whenever there is a valid refresh_token in storage. This renewal is called when you call Cotter's Get Access Token function.
1
cotter.tokenHandler.getAccessToken();
Copied!
β
Cotter's JavaScript SDK (from npm) automatically renews your
access_token and id_token whenever there is a valid refresh_token in storage.1
cotter.tokenHandler.getAccessToken();
Copied!
β
Cotter's Flutter SDK automatically renews your
access_token and id_token whenever there is a valid refresh_token in storage.1
var accessToken = await cotter.getAccessToken();
Copied!
We'll add support for Android and iOS soon π. Stay tuned!
Renewing Tokens using Refresh Token
If Cotter's SDK doesn't support auto renewal, or if you you need to renew the tokens manually, you can make an HTTP request to Cotter's Server to renew the tokens using a
refresh_token.1
curl -XPOST \
2
-H 'API_KEY_ID: <YOUR API KEY ID>' \
3
-H "Content-type: application/json" \
4
-d '{
5
"grant_type": "refresh_token",
6
"refresh_token": "<REFRESH_TOKEN>"
7
}' 'https://www.cotter.app/api/v0/token/<YOUR API KEY ID>'
Copied!
post
https://www.cotter.app
/api/v0/token/<YOUR API KEY ID>
Get Token using Refresh Token
Refresh Token Rotation
Note that this does invalidates the old
refresh_token and return a new refresh_tokenRenewing Expired Refresh Token
When your
refresh_token is expired, you have to re-authenticate your user. If you're using Trusted Devices and the current device is a trusted device, you can simply request authentication silently, in the background by Signing in with Device.