# Token Refresh
source: https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/connect/refreshing/index.md

An `access` token will expire one hour after it has been generated. After this, you will be denied access if you use that token.

To get a new token, refresh the token you acquired during the authentication flow. These last for 14 days.

To refresh your `access` token, you can send a request as below:

```shell
curl -D- -X POST https://api-sandbox.aiia.eu/v1/oauth/token \
  -u <CLIENT_ID>:<CLIENT_SECRET> \
  -H 'Content-Type: application/json'  \
  -d '{ 
        "grant_type" : "refresh_token", 
        "refresh_token" : "{refresh_token}"
    }' 
```

If the `refresh` token is still valid, you get a response body encoded in JSON that looks like this:

```json
{
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI797234J9.eyJ1c2VySWQiOiJmYTE4OTI3MS1mOTY1LTRmNWMtOTlmOS1lNDViNzNiYzI4MzkiLCJjbGllbnRJZCI6InZpaWEtZnBwIiwicm9sZSI6IkNsaWVudFVzZXIiLCJzZXNzaW9uSWQiOiJhZGIy097298234gtYWM4Yy1kYWM5Zjk0NTk3ZWQiLCJuYmYiOjE1Njc1MDAwOTQsImV4cCI6MTU2NzUwMzY5NCwiaWF0IjoxNTY3NTAwMDk0fQ.39njmCN97823498UbPXUiXl_SmWgnxM2x9phxhAxYI",
    "expires_in": 3600,
    "redirect_uri": null,
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI797234J9.eyJ12Vy98762872344OTI3MS1mOTY1LTRmNWMtOTlmOS1lNDViNzNiYzI4MzkiLCJjbGllbnRJZCI6InZpaWEtZnBwIiwiY29uc2VudElkIjoiYTYyODExYWYtNzUxMS00ZWQ0LThiYTEtMjAwNzc2NGQ1MTIwIiwic2Vzc2lvbklkIjoiYWRiMjEyNmEtOTczZi00OWI4LWFjOGMtZGFjOWY5NDU5N2VkIiwicm9sZSI6IlJlZnJlc2hUb2tlbiI98o727934UwMDA5NCwiZXhwIjoxNTY4NzA5Njk0LCJpYXQiOjE1Njc1MDAwOTR9.6eBV4OH96782734HEQoMbB_9yedl_2JfzsiSNcwa0",
    "token_type": "bearer"
}
```

Now you can discard your old `access` and `refresh` tokens and start using the two new tokens.

#### Lost or expired refresh token {#lost-or-expired-refresh-token}

If you lose your `refresh` token or if it expires, end-users have to go through the authentication flow again. It is currently not possible to get a new access or refresh token pair without end-user action. However, the user will not have to grant access to new banks, as they can simply press continue once they have logged into the App.