4. (Optional) Refresh access token after expiry

Tutorial: Authenticate App User with Pandora

4. (Optional) Refresh access token after expiry

When your access token expires, you can use your refresh token to request a new access token.

Do a POST request to https://www.pandora.com/oauth/v1/token, with the content type application/x-www-form-urlencoded and the values.

Parameter	Description	Type	Example	Required
`grant_type`	Refresh_token indicating that we are using the refresh grant type	string	"refresh_token"	Yes
`refresh_token`	A token that can be used at the refresh endpoint to fetch a fresh `access_token`	string	"eyJ6aXAiOiJERU YiLCJraWQiOiJlb mMxNTEzNzgzO TU4IiwiY3R5IjoiSl ... hExXkolqVB4y5 yOk.B7eRL3XpB wKtpcc9rgVjJQ"	Yes

Additionally, the client must include a basic authentication header:
Authorization: Basic Base64Encode(client_id:client_secret)

You can use this curl command to test:



curl 'https://www.pandora.com/oauth/v1/token' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Authorization: Basic ' \
  -d grant_type=refresh_token \
  -d refresh_token=

If everything is valid, we respond with a JSON object that contains:

Parameter	Description	Type	Example
`access_token`	The access token that can be used to access a Pandora protected resource.	string	"STRING"
`refresh_token`	The same `refresh_token` received in the token request the first time around.	string	"STRING"
`expires_in`	The time in seconds that the access token is valid for (the refresh_token does not expire). After expiry, use the refresh_token to get a new `access_token`.	number	"14000"
`token_type`	Type of the token, typically "Bearer".	number	"Bearer"