Rotate an access token
Rotating an access token consists of the authorization server issuing a new token in place of the existing token, with the same rights and properties as the original token. If, for example, an access token expires, an authorized client can request the token be rotated.
All access tokens in Open Payments have a 10-minute lifespan by default. This includes new access tokens issued because of a rotate request.
These code snippets enable the client to call a management endpoint to rotate the specified access token.
Before you begin
Section titled “Before you begin”We recommend creating a wallet account on the test wallet. Creating an account allows you to test your client against the Open Payments APIs by using an ILP-enabled wallet funded with play money.
Rotate an access token
Section titled “Rotate an access token”Initial configuration
If you’re using JavaScript, only do the first step.
- Add
"type": "module"topackage.json. - Add the following to
tsconfig.json{"compilerOptions": {"target": "ES2022","module": "ES2022"}}
// Import dependenciesimport { createAuthenticatedClient } from '@interledger/open-payments'
// Initialize clientconst client = await createAuthenticatedClient({ walletAddressUrl: WALLET_ADDRESS, privateKey: PRIVATE_KEY_PATH, keyId: KEY_ID})
// Rotate tokenconst token = await client.token.rotate({ url: MANAGE_URL, accessToken: ACCESS_TOKEN})
// Outputconsole.log('ACCESS_TOKEN =', token.access_token.value)console.log('MANAGE_URL =', token.access_token.manage)For TypeScript, run tsx path/to/directory/index.ts. View full TS source
For JavaScript, run node path/to/directory/index.js. View full JS source
// Import dependenciesuse open_payments::client::AuthenticatedResources;use open_payments::snippets::utils::{create_authenticated_client, get_env_var, load_env};
// Initialize clientlet client = create_authenticated_client()?;
// Rotate access tokenlet access_token = get_env_var("ACCESS_TOKEN")?;let token_manage_url = get_env_var("TOKEN_MANAGE_URL")?;
let response = client .token() .rotate(&token_manage_url, Some(&access_token)) .await?;
// Outputprintln!("Rotated access token: {:#?}", response.access_token);// Import dependenciesuse OpenPayments\AuthClient;use OpenPayments\Config\Config;
// Initialize client$config = new Config( $WALLET_ADDRESS, $PRIVATE_KEY, $KEY_ID);$opClient = new AuthClient($config);
// Rotate access token$token = $opClient->token()->rotate( [ 'access_token' => $ACCESS_TOKEN, 'url' => $TOKEN_MANAGE_URL ]);
// Outputecho 'ACCESS_TOKEN: ' . $token->value . PHP_EOL;echo 'MANAGE_URL: ' . $token->manage . PHP_EOL;package main
// Import dependenciesimport ( "context" "encoding/json" "fmt" "log"
op "github.com/interledger/open-payments-go")
func main() { // Initialize client client, err := op.NewAuthenticatedClient( WALLET_ADDRESS_URL, PRIVATE_KEY_BASE_64, KEY_ID, ) if err != nil { log.Fatalf("Error creating authenticated client: %v\n", err) }
// Rotate access token rotatedToken, err := client.Token.Rotate(context.TODO(), op.TokenRotateParams{ URL: MANAGE_URL, AccessToken: ACCESS_TOKEN, }) if err != nil { log.Fatalf("Error rotating access token: %v\n", err) }
// Output rotatedTokenJSON, err := json.MarshalIndent(rotatedToken, "", " ") if err != nil { log.Fatalf("Error marshaling rotated token: %v\n", err) }
fmt.Println("ROTATED ACCESS TOKEN:", string(rotatedTokenJSON))}// Import dependenciesimport org.interledger.openpayments.httpclient.OpenPaymentsHttpClient;import org.interledger.openpayments.IOpenPaymentsClient;
// Initialize clientvar client = OpenPaymentsHttpClient.defaultClient("WalletAddress","PrivateKeyPEM","KeyId");
// Get wallet address informationvar receiverWallet = client.getWalletAddress("https://cloudninebank.example.com/merchant");
// Create grant requestvar grantRequest = this.client.createGrantIncomingPayment(receiverWallet);
// Rotate grant request// Auth server will be retrieved from [receiverWallet].var rotatedGrant = this.client.rotateToken(receiverWallet, grant.getAccess().getToken(), grantRequest);
// Outputlog.info("GRANT: {}", rotatedGrant);