Refresh Existing OAUTH2 Token Example - Python

About this Python Sample App

This sample app is a very simple Python application that does the following:

  1. Refreshes an existing token stored on the file system in a JSON file using its refresh_token.

There are comments in the code that describe, at a high level, what is happening.

You can copy the sample code below. Ensure that you install the referenced imported packages that are not part of the standard library.

How to Run

  1. Install the requirements with:

    pip install requests

  2. Run the Sample App with:


Problems Running the Code?

If you have any problems running the code then reach out to us in our Community Forum.

Sample Code

import requests
import json
import base64

# Insert your own info here as you defined when you created your APP
# Note that in a real app you would not want to hard-code these values
# Instead you would want to import them from the environment or even use
# a more secure solution like a keystore.
CLIENT_ID = "your-client-id"
CLIENT_SECRET = "your-client-secret"
STATE = "yourstatestring"  # note that in a true production app you would use state to protect against cross site attacks
DOMAIN = ''  # set to your API hostname; use eu hostname if you are in EU
REDIRECT_URI = "your-redirect-uri"  # placeholder: the redirect URI you defined for your APP

def refresh_token():
    '''refresh existing token for a new one'''

    # load the previously stored token set
    with open('creds.json', 'r') as f:
        creds = json.load(f)

    refresh_token = creds['refresh_token']

    base64_encoded_clientid_clientsecret = base64.b64encode(str.encode(f'{CLIENT_ID}:{CLIENT_SECRET}'))  # concatenate with : and encode in base64
    base64_encoded_clientid_clientsecret = base64_encoded_clientid_clientsecret.decode('ascii')  # turn bytes object into ascii string

    base_url = f'https://{DOMAIN}'
    url = f"{base_url}/oauth/v1/token"
    headers = {
        'Content-Type': "application/x-www-form-urlencoded",
        'Authorization': f'Basic {base64_encoded_clientid_clientsecret}'
    }

    data = {'grant_type': 'refresh_token',
            'redirect_uri': REDIRECT_URI,
            'refresh_token': refresh_token
    }

    # the token endpoint takes a form-encoded POST authenticated with HTTP Basic
    r = requests.post(url, headers=headers, data=data)
    response = r.json()

    if response.get('access_token'):
        # don't store creds in plaintext in a real app obviously
        with open('creds.json', 'w') as f:
            json.dump(response, f, indent=4)
    else:
        print('There was an error refreshing your access token')

if __name__ == '__main__':
    refresh_token()  # refresh an existing token (we are assuming you have one stored in creds.json)
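
The sample writes the token response straight over creds.json and hard-codes the client secret. The block below is an added example, not part of the original sample app: it reads the secret from the environment, keeps the old refresh_token when the server does not return a new one (RFC 6749 section 6 allows that), and writes the file atomically with owner-only permissions. The names OAUTH_CLIENT_ID, OAUTH_CLIENT_SECRET, load_client_credentials, merge_token_response and save_creds are assumptions made for this example.

```python
import json
import os
import tempfile


def load_client_credentials(env=os.environ):
    """Read the client id/secret from the environment instead of source code."""
    try:
        # Variable names are assumptions for this example.
        return env["OAUTH_CLIENT_ID"], env["OAUTH_CLIENT_SECRET"]
    except KeyError as missing:
        raise RuntimeError(f"missing environment variable {missing}") from None


def merge_token_response(old_creds, response):
    """Return the credentials to persist after a refresh.

    Rejects a response without an access_token, and keeps the previous
    refresh_token when the server did not issue a new one.
    """
    if not response.get("access_token"):
        raise ValueError("token endpoint returned no access_token")
    merged = dict(response)
    if not merged.get("refresh_token"):
        merged["refresh_token"] = old_creds["refresh_token"]
    return merged


def save_creds(path, creds):
    """Write creds atomically to a file only the owner can read (0600)."""
    directory = os.path.dirname(os.path.abspath(path))
    # mkstemp creates the temporary file with mode 0600 on POSIX systems
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".creds-")
    try:
        with os.fdopen(fd, "w") as f:
            json.dump(creds, f, indent=4)
            f.flush()
            os.fsync(f.fileno())
        # atomic rename: a crash never leaves a half-written creds file
        os.replace(tmp_path, path)
    except BaseException:
        os.unlink(tmp_path)
        raise
```

The file is still plaintext on disk; restricted permissions limit who can read it, and a keystore, as the sample's comments suggest, remains the stronger option.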