Comment on page
Renew Access Token
To simplify the authenticate process and enable resource-constrained IoT devices to regularly update the access token, we have created an API that allows IoT devices to renew their access tokens based on a previously issued access token.
To successfully renew an access token with the IdP, the device has to provide a valid access token in exchange. Important to notice is that you cannot request any different scopes than in the initially issued access token. Furthermore, the previously issued token has to have the scope
refresh.tokenwhich authorizes the device to access API to renew the token.
You may choose to limit the number of sequential token renewal requests, forcing the device to request a new access token by authenticating with a private key JWT from time to time.