improved
2025-03 Refresh Token Flow Update
16 days ago by ReadMe API
In August 2024, we notified integrators about an upcoming change to the refresh token flow. As of March 2025, this change has been gradually rolling out.
With this update, when an access token is requested using a refresh token, the previously used refresh token will be revoked once a new one is issued. This means integrators must always use the latest refresh token returned in the response.
Endpoint to Refresh Access Token
URL:
https://example.retail.lightspeed.app/api/1.0/token
Parameters:
- refresh_token
- client_id
- client_secret
- grant_type (use refresh_token when refreshing tokens)
Response Example:
{
"access_token": "KD7gspXvfAmOsspC65YDqqJQ6FcAYbRROc4zPIMZ",
"token_type": "Bearer",
"expires": 1387145621,
"expires_in": 604800,
"refresh_token": "new_refresh_token",
"domain_prefix": "domain_prefix",
"scope": ""
}
Always use the latest refresh token returned in the response. Using an old refresh token will result in authentication failures.