/auth/refresh
Use a refresh token to obtain a new access token and refresh token pair, supporting reuse attack detection and automatic revocation. References: RFC 6749 §1.5, RFC 7519 (JWT).
Schema: dto.RefreshTokenRequest
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| refresh_token | string | Yes | | | Refresh token |
| Status | Description | Schema |
|---|---|---|
| 200 | Token refreshed successfully, returns new access token and refresh token | dto.LoginResponse |
| 400 | Invalid request parameters or malformed token | gitee_com_linmes_authms_base_dto.SimpleResponse |
| 500 | Internal server error | gitee_com_linmes_authms_base_dto.SimpleResponse |
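
The rotation with reuse detection and automatic revocation that this endpoint describes, as an added Go sketch. It is not authms code, and the page does not say how the service implements the feature; `Store`, `Issue`, `Rotate` and the family ID are assumed names.

```go
package main // added sketch with hypothetical names, not the authms code

import (
	"crypto/rand"
	"errors"
	"fmt"
)

var ErrInvalid = errors.New("unknown or revoked refresh token")
var ErrReuse = errors.New("refresh token reuse detected, family revoked")

type Store struct {
	family  map[string]string // token -> family ID (one family per login)
	spent   map[string]bool   // tokens that were already rotated
	revoked map[string]bool   // families killed after a replay
}

func NewStore() *Store {
	return &Store{map[string]string{}, map[string]bool{}, map[string]bool{}}
}

// Issue mints a random refresh token in family fam (called at login).
func (s *Store) Issue(fam string) string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	t := fmt.Sprintf("%x", b)
	s.family[t] = fam
	return t
}

// Rotate swaps a token for its successor; not goroutine-safe as written.
func (s *Store) Rotate(old string) (string, error) {
	fam, ok := s.family[old]
	switch {
	case !ok || s.revoked[fam]:
		return "", ErrInvalid
	case s.spent[old]:
		s.revoked[fam] = true // replay: the legitimate successor dies too
		return "", ErrReuse
	}
	s.spent[old] = true
	return s.Issue(fam), nil
}

func main() {
	s := NewStore()
	fmt.Println(s.Rotate(s.Issue("login-1")))
}
```

A server would perform the lookup and the spent/revoked updates in one transaction or under a lock, since two concurrent requests with the same token must not both succeed.
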
User login result
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| access_token | string | No | eyJhbGciOi... | | Access token |
| challenge_token | string | No | chg_abc123... | | MFA challenge token (short-lived, requires MFA verification) |
| expires_in | integer | No | 1800 | | Expiration time |
| mfa_check_reason | string | No | new_device | | MFA trigger reason description |
| must_change_password | boolean | No | False | | Password must be changed |
| password_expires_in | integer | No | 30 | | Days until password expires |
| password_warning | string | No | expiring | | Password warning: expiring/expired_grace/expired |
| refresh_token | string | No | eyJhbGciOi... | | Refresh token |
| required_mfa_methods | array of string | No | | | List of recommended MFA methods |
| requires_mfa | boolean | No | False | | Adaptive MFA: additional MFA verification required |
| risk_assessment | object | No | | | Risk assessment |
| risk_level | string | No | low | | Risk level: low/medium/high |
| token_type | string | No | Bearer | | Token type |
| user | object | No | | | User info |
| user_id | string | No | | | User ID (redundant with User.ID for flat access) |
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| level | string | No | | | |
| recommended_mfa_methods | array of string | No | | | |
| require_mfa | boolean | No | | | |
| score | integer | No | | | |
User basic information
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| created_at | string | No | 2026-01-15T10:30:00Z | | Account creation time |
| email | string | No | john@example.com | | |
| id | string | No | usr_abc123 | | User ID |
| must_change_password | boolean | No | False | | Password must be changed |
| password_expires_in | integer | No | 30 | | Days until password expires |
| password_warning | string | No | expiring | | Password warning: expiring/expired_grace/expired |
| phone | string | No | 13800138000 | | Phone |
| status | string | No | active | | Status |
| username | string | No | john.doe | | Username |
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| code | integer | No | | | |
| message | string | No | | | |
| timestamp | string | No | | | |