Skip to main content
POST
/
refresh-token
Refresh Token
curl --request POST \
  --url https://staging-api.puppetvendors.com/refresh-token \
  --header 'x-access-token: <api-key>'
V2 Alpha — This endpoint is part of the V2 API preview. Breaking changes may occur.

Overview

Exchange a valid (non-expired) vendor JWT token for a new one with a fresh 24-hour expiry. Use this to maintain sessions without requiring re-authentication with the API key. The new token inherits the vendor scope from the original.

Use Cases

  • Long-running integrations — Automatically refresh tokens before they expire
  • Vendor portal sessions — Keep your session alive without re-entering the API key

Request

No request body required. The current token is read from the x-access-token header.

Response

200
{
  "success": true,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "expiresIn": 86400,
    "shopDomain": "my-store.myshopify.com"
  }
}

Error Response

401
{
  "success": false,
  "error": {
    "message": "Invalid or expired token",
    "code": "UNAUTHORIZED"
  }
}

Example

curl -X POST https://staging-api.puppetvendors.com/refresh-token \
  -H "x-access-token: YOUR_VENDOR_TOKEN"