Used by: This endpoint is used mainly by publishers.
NOTE: This endpoint can be called from the client side (for example, a browser or a mobile app) because it does not require using an API key.
Add the content of the
refresh_token value, returned in the response from the previous POST /token/generate or
POST /token/refresh operation, as the POST body.
Here's what you need to know about this endpoint:
- No encryption is required for token refresh requests.
- If the request is successful, with an HTTP status code of 200, a new UID2 token or opt-out information is returned.
- Successful responses, whether the response includes a new token or opt-out information, are encrypted. Error responses are not encrypted.
- To decrypt responses, use the most recent
refresh_response_keyvalue for this token. The
refresh_response_keyvalue is returned in the response to the POST /token/generate and
POST /token/refreshoperations. Each time a token is refreshed, a new
refresh_response_keyis returned. Be sure to use the most recent one to decrypt the current response.
|Path Parameter||Data Type||Attribute||Description|
|string||Required||Testing environment: |
For a full list, including regional operators, see Environments.
NOTE: The integration environment and the production environment require different API keys.
Using either of the following parameters in a POST /token/generate request always generates an identity response with a
refresh_token that results in a logout response when used with the
POST /token/refresh endpoint:
For details and Python script examples, see Encrypting Requests and Decrypting Responses (Python script example).
Decrypted JSON Response Format
A decrypted successful response includes a new UID2 token (
advertising_token) and associated values for the user, or indicates that the user has opted out.
NOTE: The responses are encrypted only if the HTTP status code is 200. Error responses are not encrypted.
This section includes the following sample responses:
Successful Response With Tokens
If all values are valid and the user has not opted out, the response is successful and a new UID2 token is returned, with associated values. The following example shows a decrypted successful response with tokens:
Successful Response With Opt-Out
If the user has opted out, the response is successful but a new UID2 token is not returned. The following example shows a decrypted opt-out response:
An error response might look like the following:
"message": "Client Error"
Response Body Properties
|string||The UID2 token (also known as advertising token) for the user.|
|string||An encrypted token that can be exchanged with the UID2 Service for the latest set of identity tokens.|
|double||The UNIX timestamp (in milliseconds) that indicates when the UID2 token expires.|
TIP: If you are not using the SDK, consider refreshing the UID2 token from this timestamp, too.
|double||The UNIX timestamp (in milliseconds) that indicates when the refresh token expires.|
|string||A key to be used in a new POST /token/refresh request for response decryption.|
Response Status Codes
The following table lists the
status property values and their HTTP status code equivalents.
|Status||HTTP Status Code||Description|
|200||The request was successful and a new UID2 token, with associated values, is returned in the response. The response is encrypted.|
|200||The user opted out. This status is returned only for authorized requests. The response is encrypted.|
|400||The request had missing or invalid parameters.|
|401||The request did not include a bearer token, included an invalid bearer token, or included a bearer token unauthorized to perform the requested operation.|
status value is anything other than
message field provides additional information about the issue.