# Refreshing Access Token

Our Access Token expires every 2 hours, so you will need to refresh it before it expires.

Refreshing is straightforward. You will need to call one API (see [Implementation page](https://docs.edgetag.io/api/getting-started/oauth-2.0/implementation) for URLs).

{% tabs %}
{% tab title="JavaScript" %}

```javascript
const refreshToken = 'PGFanyIh-GUKReZ5P1LlAsUJzBR76BQI5SJlIX4-aHQ'
const tokenUrl = 'http://api-sandbox.edgetag.io/v1/oauth-app/client/token'

const body = new URLSearchParams({
  refresh_token: refreshToken,
  grant_type: 'refresh_token',
})

const response = await fetch(tokenUrl, {
  method: 'POST',
  headers: {
    'Content-Type': 'application/x-www-form-urlencoded',
    Authorization: `Basic ${btoa(clientId + ':' + clientSecret)}`,
  },
  body
})
```

{% endtab %}

{% tab title="CURL" %}

```bash
curl --request POST \
  --url http://api-sandbox.edgetag.io/v1/oauth-app/client/token \
  --header 'Authorization: Basic ZDAyNzJjNDItN2VjYy00ODk5LWExYTctMDgwMWE4YTlkYTJmOmQwMjcyYzQyLTdlY2MtNDg5OS1hMWE3LTA4MDFhOGE5ZGEyZg==' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data refresh_token=PGFanyIh-GUKReZ5P1LlAsUJzBR76BQI5SJlIX4-aHQ \
  --data grant_type=refresh_token
```

{% endtab %}
{% endtabs %}

The API is the same as for code exchange; only the parameters differ slightly.

Request is `GET` .  If the request is successful, you will get the following response:

```javascript
{
  access_token: 'aYsxMIy3XguB9YORh2GzAL8E60MsVvXbG8IHxNFooSo',
  expires_in: 7200,
}
```