Refresh a token
Login with Zip
Give your shoppers the option to Login to your website using Zip and pay seamlessly.
The API call you will make to refresh the access token is the /tokens endpoint again, however this time we will use our
refresh_token to authorise this refresh.
This request should be made before each
/charges request to generate a new access_token. Doing so will reset the refresh_token 30 day life span.
This can also be used as a scheduled refresh mechanism to ensure customer tokens never expire.
This request will contain:
The Zip API response will contain:
access_token(for placing charges)
refresh token(for permanent storage)
This /tokens API call should be made from your server and not directly from the client front end.
The API request
You will have already obtained the customer refresh_token code when it is returned by Zip in your initial /token call. This value will not change when refreshing the token, but its expiry will reset.
Client ID and Client secret
These will be provided by the Zip team for each environment.
The full request
curl --location --request POST 'https://sandbox.zip.co/login/connect/token?client_id=<client_id>&client_secret=<client_secret>&grant_type=refresh_token&refresh_token=<refresh_token>' \
- Access token: Expires after 30 mins
- Refresh token: Expires after 30 days
Finalise the payment
To complete the purchase you must create a charge
Updated 12 months ago