> ## Documentation Index
> Fetch the complete documentation index at: https://cobo.com/developers/llms.txt
> Use this file to discover all available pages before exploring further.
# Refresh Org Access Token
> This operation is only applicable to Cobo Portal Apps developers. To call this operation, you need to use the Cobo OAuth authentication method that requires an app key.
This operation allows Cobo Portal Apps to obtain a new Org Access Token with a specified client ID, grant type and a Refresh Token.
For security purposes, Org Access Tokens expire after a certain period. Once they expire, the app needs to call this operation to get a new Org Access Token and a new Refresh Token.
Try [Cobo WaaS Skill](/v2/guides/overview/cobo-waas-skill) in your AI coding assistant (Claude Code, Cursor, etc.). Describe your needs in natural language to auto-generate production-ready SDK code and debug faster 🚀
```python Python theme={null}
import cobo_waas2
from cobo_waas2.models.refresh_token2_xx_response import RefreshToken2XXResponse
from cobo_waas2.models.refresh_token_request import RefreshTokenRequest
from cobo_waas2.rest import ApiException
from pprint import pprint
# See configuration.py for a list of all supported configurations.
configuration = cobo_waas2.Configuration(
# Replace `` with your private key
api_private_key="",
# Select the development environment. To use the production environment, change the URL to https://api.cobo.com/v2.
host="https://api.dev.cobo.com/v2",
)
# Enter a context with an instance of the API client
with cobo_waas2.ApiClient(configuration) as api_client:
# Create an instance of the API class
api_instance = cobo_waas2.OAuthApi(api_client)
refresh_token_request = cobo_waas2.RefreshTokenRequest()
try:
# Refresh Org Access Token
api_response = api_instance.refresh_token(refresh_token_request)
print("The response of OAuthApi->refresh_token:\n")
pprint(api_response)
except Exception as e:
print("Exception when calling OAuthApi->refresh_token: %s\n" % e)
```
```java Java theme={null}
// Import classes:
import com.cobo.waas2.ApiClient;
import com.cobo.waas2.ApiException;
import com.cobo.waas2.Configuration;
import com.cobo.waas2.Env;
import com.cobo.waas2.api.OAuthApi;
import com.cobo.waas2.model.*;
public class Example {
public static void main(String[] args) {
ApiClient defaultClient = Configuration.getDefaultApiClient();
// Select the development environment. To use the production environment, replace `Env.DEV` with
// `Env.PROD
defaultClient.setEnv(Env.DEV);
// Replace `` with your private key
defaultClient.setPrivKey("");
OAuthApi apiInstance = new OAuthApi();
RefreshTokenRequest refreshTokenRequest = new RefreshTokenRequest();
try {
RefreshToken2XXResponse result = apiInstance.refreshToken(refreshTokenRequest);
System.out.println(result);
} catch (ApiException e) {
System.err.println("Exception when calling OAuthApi#refreshToken");
System.err.println("Status code: " + e.getCode());
System.err.println("Reason: " + e.getResponseBody());
System.err.println("Response headers: " + e.getResponseHeaders());
e.printStackTrace();
}
}
}
```
```go Go theme={null}
package main
import (
"context"
"fmt"
coboWaas2 "github.com/CoboGlobal/cobo-waas2-go-sdk/cobo_waas2"
"github.com/CoboGlobal/cobo-waas2-go-sdk/cobo_waas2/crypto"
"os"
)
func main() {
refreshTokenRequest := *coboWaas2.NewRefreshTokenRequest()
configuration := coboWaas2.NewConfiguration()
// Initialize the API client
apiClient := coboWaas2.NewAPIClient(configuration)
ctx := context.Background()
// Select the development environment. To use the production environment, replace coboWaas2.DevEnv with coboWaas2.ProdEnv
ctx = context.WithValue(ctx, coboWaas2.ContextEnv, coboWaas2.DevEnv)
// Replace `` with your private key
ctx = context.WithValue(ctx, coboWaas2.ContextPortalSigner, crypto.Ed25519Signer{
Secret: "",
})
resp, r, err := apiClient.OAuthAPI.RefreshToken(ctx).
RefreshTokenRequest(refreshTokenRequest).
Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `OAuthAPI.RefreshToken``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
// response from `RefreshToken`: RefreshToken2XXResponse
fmt.Fprintf(os.Stdout, "Response from `OAuthAPI.RefreshToken`: %v\n", resp)
}
```
```javascript JavaScript theme={null}
const CoboWaas2 = require("@cobo/cobo-waas2");
// Initialize the API client
const apiClient = CoboWaas2.ApiClient.instance;
// Select the development environment. To use the production environment, replace `Env.DEV` with `Env.PROD`
apiClient.setEnv(CoboWaas2.Env.DEV);
// Replace `` with your private key
apiClient.setPrivateKey("");
// Call the API
const apiInstance = new CoboWaas2.OAuthApi();
const RefreshTokenRequest = new CoboWaas2.RefreshTokenRequest();
apiInstance.refreshToken(RefreshTokenRequest).then(
(data) => {
console.log("API called successfully. Returned data: " + data);
},
(error) => {
console.error(error);
},
);
```
## OpenAPI
````yaml post /oauth/token
openapi: 3.0.3
info:
title: Cobo Wallet as a Service 2.0
description: >
The Cobo Wallet-as-a-Service (WaaS) 2.0 API is the latest version of Cobo's
WaaS API offering. It enables you to access Cobo's full suite of crypto
wallet technologies with powerful and flexible access controls. By
encapsulating complex security protocols and streamlining blockchain
interactions, this API allows you to concentrate on your core business
activities without worrying about the safety of your assets. The WaaS 2.0
API presents the following key features:
- A unified API for Cobo's [all four wallet
types](https://manuals.cobo.com/en/portal/introduction#an-all-in-one-wallet-platform)
- Support for 80+ chains and 3000+ tokens
- A comprehensive selection of webhook events
- Flexible usage models for MPC Wallets, including [Organization-Controlled
Wallets](https://manuals.cobo.com/en/portal/mpc-wallets/ocw/introduction)
and [User-Controlled
Wallets](https://manuals.cobo.com/en/portal/mpc-wallets/ucw/introduction)
- Programmatic control of smart contract wallets such as Safe{Wallet} with
fine-grained access controls
- Seamlessly transfer funds across multiple exchanges, including Binance,
OKX, Bybit, Deribit, and more
For more information about the WaaS 2.0 API, see [Introduction to WaaS
2.0](https://www.cobo.com/developers/v2/guides/overview/introduction).
termsOfService: https://cobo.com/waas/tos/
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0.html
contact:
name: Cobo WaaS
url: https://www.cobo.com/waas
email: help@cobo.com
version: 1.0.0
servers:
- url: https://api.dev.cobo.com/v2
description: Development environment
- url: https://api.cobo.com/v2
description: Production environment
security:
- CoboAuth: []
tags:
- name: Organizations
description: Operations related to Organizations.
- name: Wallets
description: Operations related to all wallets.
- name: Wallets - MPC Wallets
description: Operations related to mpc wallet.
- name: Wallets - Exchange Wallet
description: Operations related to exchange wallet.
- name: Wallets - Smart Contract Wallets
description: Operations related to smart contract wallet.
- name: Transactions
description: Operations related to all transactions.
- name: Developers - Webhooks
description: Operations related to webhooks.
- name: Stakings
description: Operations related to staking.
- name: OAuth
description: Operations related to OAuth.
- name: Developers
description: Operations related to developers.
- name: AddressBooks
description: Operations related to address books.
- name: TravelRule
description: Operations related to travel rule.
- name: GraphQL
description: Operations related to executing GraphQL queries and mutations.
- name: PrimeBroker
description: Operations related to prime broker.
- name: AppWorkflows
description: Operations related to app workflow.
- name: FeeStation
description: Operations related to fee station.
- name: Payment
description: Operations related to payment.
- name: Batch Payouts
description: Operations related to batch payouts.
- name: Tokenization
description: Operations related to tokenization.
- name: AutoSweep
description: Operations related to auto sweep.
- name: Compliance
description: Operations related to compliance.
paths:
/oauth/token:
post:
tags:
- OAuth
summary: Refresh Org Access Token
description: >
This operation is only applicable to Cobo Portal Apps developers.
To call this operation, you need to use the Cobo OAuth authentication
method that requires an app key.
This operation allows Cobo Portal Apps to obtain a new Org Access Token
with a specified client ID, grant type and a Refresh Token.
For security purposes, Org Access Tokens expire after a certain period.
Once they expire, the app needs to call this operation to get a new Org
Access Token and a new Refresh Token.
operationId: refresh_token
requestBody:
$ref: '#/components/requestBodies/tokenEndpointBody'
responses:
2XX:
$ref: '#/components/responses/refreshTokenResponse'
4XX:
$ref: '#/components/responses/oauthErrorResponse'
5XX:
$ref: '#/components/responses/internalServerError'
components:
requestBodies:
tokenEndpointBody:
description: The request body for refreshing an Org Access Token.
required: true
content:
application/json:
schema:
type: object
properties:
client_id:
type: string
description: >-
The client ID, a unique identifier to distinguish Cobo Portal
Apps. You can get the client ID by retrieving the manifest
file after publishing the app.
example: >-
AnCEPEp5Q8qjAOA1Lb6kVd2OlkCyJnMTeMPdLbPOM8cz176Eb5y7EJoUjJJ0vkzz
grant_type:
type: string
description: The OAuth grant type. Set the value as `refresh_token`.
example: refresh_token
refresh_token:
type: string
description: The Refresh Token of the current Org Access Token.
example: >-
rK49jI0zt49gsttzscscik15Asmlpu1TdcxqguJJS8B9f6ilJEC0y3PbVqwsEAw5
responses:
refreshTokenResponse:
description: The request was successful.
content:
application/json:
schema:
type: object
properties:
access_token:
type: string
description: The new Org Access Token.
example: >-
AnCEPEp5Q8qjAOA1Lb6kVd2OlkCyJnMTeMPdLbPOM8cz176Eb5y7EJoUjJJ0vkzz
token_type:
type: string
description: The type of the tokens, which is Bearer.
example: Bearer
scope:
type: string
description: >
The scope of the Org Access Token to limit the app's access to
the organization's resources.
**Note**: Currently this property value is empty. The scope of
the Org Access Token is based on the permissions granted when
the app user installs the app.
example: ''
expires_in:
type: integer
description: The time in seconds in which the new Org Access Token expires.
example: 43199
refresh_token:
type: string
description: >-
The Refresh Token, used to obtain another Org Access Token
when the new Org Access Token expires. The expiration time for
Refresh Tokens is currently set to 30 days and is subject to
change.
example: >-
rK49jI0zt49gsttzscscik15Asmlpu1TdcxqguJJS8B9f6ilJEC0y3PbVqwsEAw5
oauthErrorResponse:
description: Unauthorized. Please provide valid credentials.
content:
application/json:
schema:
type: object
description: The response of a failed request.
required:
- error
- error_description
properties:
error:
type: string
description: The error name.
error_description:
type: string
description: The error description.
internalServerError:
description: Internal server error.
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponse'
schemas:
ErrorResponse:
type: object
description: The response of a failed request.
required:
- error_code
- error_message
- error_id
properties:
error_code:
type: integer
description: >-
The error code. Refer to [Error codes and status
codes](https://www.cobo.com/developers/v2/api-references/error-codes)
for more details.
error_message:
type: string
description: The error description.
error_id:
type: string
description: >-
The error log ID. You can provide the error ID when submitting a
ticket to help Cobo to locate the issue.
example: 0b6ddf19083c4bd1a9ca01bec44b24dd
securitySchemes:
CoboAuth:
type: apiKey
in: header
name: BIZ-API-KEY
description: >
The API key. For more details, refer to [API
key](https://www.cobo.com/developers/v2/guides/overview/cobo-auth#api-key).
In the API playground, enter your [API
secret](https://www.cobo.com/developers/v2/guides/overview/cobo-auth#api-secret),
and your API key will be accordingly calculated.
````