Sample code for 30+ languages & platforms
PHP Extension

Refresh a Dynamics CRM OAuth2 Access Token

See more OAuth2 Examples

Demonstrates how to refresh an expiring Dynamics CRM access token using the refresh token. endpoint.

(If a REST API call fails with a 401 unauthorized error, an application can auto-recover by refreshing the access token, and then re-send the request using the new token.)

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// We previously obtained an access token and saved the JSON to a file using this example:
// Get Dynamics CRM OAuth2 Access Token

// This example will examine the JSON and expiration date, and if near expiration will
// refresh the access token.

$json = new CkJsonObject();
$success = $json->LoadFile('qa_data/tokens/dynamicsCrm.json');
if ($success != true) {
    exit;
}

// The contents of the JSON look like this:
// {
//   "token_type": "Bearer",
//   "scope": "user_impersonation",
//   "expires_in": "3599",
//   "ext_expires_in": "0",
//   "expires_on": "1524783438",
//   "not_before": "1524779538",
//   "resource": "https://mydomain.api.crm.dynamics.com",
//   "access_token": "...",
//   "refresh_token": "...",
//   "id_token": "..."
// }

// The "expires_on" value is a Unix time.
$dtExpire = new CkDateTime();
$dtExpire->SetFromUnixTime(false,$json->IntOf('expires_on'));

// If this date/time expires within 10 minutes of the current system time, refresh the token.

// OK, we need to refresh the access token by sending a POST...
// 

$req = new CkHttpRequest();
$req->AddParam('grant_type','refresh_token');
$req->AddParam('redirect_uri','http://localhost:3017/');
$req->AddParam('client_id','DYNAMICS-CRM-CLIENT-ID');
$req->AddParam('client_secret','DYNAMICS-CRM-SECRET-KEY');
$req->AddParam('refresh_token',$json->stringOf('refresh_token'));
$req->AddParam('resource','https://mydynamicsdomain.api.crm.dynamics.com');

$http = new CkHttp();

$req->put_HttpVerb('POST');
$req->put_ContentType('application/x-www-form-urlencoded');

$resp = new CkHttpResponse();
$success = $http->HttpReq('https://login.microsoftonline.com/DYNAMICS-ENDPOINT-GUID/oauth2/token',$req,$resp);
if ($success == false) {
    print $http->lastErrorText() . "\n";
    exit;
}

// Load the JSON response.
$json->Load($resp->bodyStr());
$json->put_EmitCompact(false);

// Show the JSON response.
print $json->emit() . "\n";

print 'Response status code: ' . $resp->get_StatusCode() . "\n";

// If the response status code is not 200, then it's an error.
if ($resp->get_StatusCode() != 200) {
    exit;
}

// If an "expires_on" member does not exist, then add the JSON member by
// getting the current system date/time and adding the "expires_in" seconds.
// This way we'll know when the token expires.
if ($json->HasMember('expires_on') != true) {
    $dtExpire->SetFromCurrentSystemTime();
    $dtExpire->AddSeconds($json->IntOf('expires_in'));
    $json->AppendString('expires_on',$dtExpire->getAsUnixTimeStr(false));
}

// Save the refreshed access token JSON to a file for future requests.
$fac = new CkFileAccess();
$fac->WriteEntireTextFile('qa_data/tokens/dynamicsCrm.json',$json->emit(),'utf-8',false);

?>