Sample code for 30+ languages & platforms
JavaScript

Okta: Refresh Access Token with the Auth Code Flow

See more Okta OAuth/OIDC Examples

Demonstrates how to refresh a token that was obtained using the authorization code flow.
Note
This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.
JavaScript
var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// See Get Okta Access Token using Authorization Code Flow with PKCE 
// for sample code showing how to obtain an Okta access token using the authorization code flow for native apps (with PKCE).

var jsonToken = new CkJsonObject();
success = jsonToken.LoadFile("qa_data/tokens/okta.json");
if (success !== true) {
    console.log("Failed to load myob.json");
    return;
}

var oauth2 = new CkOAuth2();

oauth2.TokenEndpoint = "https://{yourOktaDomain}/oauth2/default/v1/token";

// Replace these with actual values.
oauth2.ClientId = "OKTA_CLIENT_ID";
oauth2.ClientSecret = "OKTA_CLIENT_SECRET";

// Get the "refresh_token"
oauth2.RefreshToken = jsonToken.StringOf("refresh_token");

// Send the HTTP POST to refresh the access token..
oauth2.VerboseLogging = true;
success = oauth2.RefreshAccessToken();
if (success !== true) {
    console.log(oauth2.LastErrorText);
    return;
}

// Load the access token response into the json object 
jsonToken.Load(oauth2.AccessTokenResponse);

// Save the new JSON access token response to a file.
// The access + refresh tokens contained in this JSON will be needed for the next refresh.
var sbJson = new CkStringBuilder();
jsonToken.EmitCompact = false;
jsonToken.EmitSb(sbJson);
sbJson.WriteFile("qa_data/tokens/okta.json","utf-8",false);

console.log("OAuth2 authorization granted!");
console.log("New Access Token = " + oauth2.AccessToken);