Overview
The Tokens service handles the complete token lifecycle: exchanging authorization codes, refreshing tokens, online verification, and revocation.
Exchange
Exchange an authorization code for a grant token after the user consents.
Parameters
Response (ExchangeTokenResponse)
Refresh
Exchange a refresh token for a new grant token. Refresh tokens are single-use — each refresh returns a new refresh token.
Refresh tokens are single-use. Each call returns a new RefreshToken that you must store. The old refresh token is invalidated immediately.
Parameters
Response
Same ExchangeTokenResponse as Exchange — includes a new GrantToken and RefreshToken.
Verify
Perform online token verification against the Grantex API.
Response (VerifyTokenResponse)
Revoke
Revoke a token by its JTI (token ID).
Returns nil on success (HTTP 204).