How to use RefreshRokens?

van_den_Berg_Mark · February 12, 2026, 12:18pm

Hi,

Perhaps it's me not seeing the obvious, but referring to this page:

I really like this new feature as I am building an application that will be in use 24/7 and users may have changes - not committed to my XData server yet - at any time.

However, it is not clear to me how to practically implement this. Defining the ClientApp is clear but how do I get a new token? Via a TSphinxLogin method, or does the TSphinxLogin handle it automatically (keep refreshing until user logs off) or is there another mechanism to use?

A short explanation or small example would be appreciated!

wlandgraf · February 13, 2026, 11:19am

When you get your access token, a refresh token will also be sent.
When your access token is expired, you can simply ask (via HTTP request) for another one, using the refresh token. No need to ask for the user to login again.

van_den_Berg_Mark · February 13, 2026, 11:58am

I saw that in the documentation indeed, but how to do that?

Can you give me a short example, perhaps some (pseudo-)code? Is there any reason it's not implemented in the TSphinxLogin component?

wlandgraf · February 18, 2026, 9:47pm

I assume that after login you use the following pseudo-code workflow to access your API:

var 
  AccessToken: string;
begin
  AccessToken := SphinxLogin1.AuthResult.AccessToken;
  // Call application API passing access token
  Client.Headers.SetValue('Authorization', 'Bearer ' + AccessToken;

If you call SphinxLogin1.IsLoggedIn and it returns false it means there is no access token, or it's expired.

If the access token is expired, you can perform a manual call to the Sphinx server passing the refresh token:

HttpClient.Url := 'http://sphinx-server-url/oauth/token';
HttpClient.Method := 'POST';
HttpClient.Headers.SetValue('Content-Type', 'application/x-www-form-urlencoded');
HttpClient.SetContent := 
  'grant_type=refresh_token' + 
  '&refresh_token=' + SphinxLogin.AuthResult.RefreshToken + 
  '&client_id=' + MyClientId';

Perform the request, the response will be a JSON with the renewed access token that you can continue using to perform the requests.

Not really, we just wanted to have it released asap for users who need it server side.
Indeed, we should implement this for TSphinxLogin (and TSphinxWebLogin) for an upcoming release.

Topic		Replies	Views
Refresh an access token. TMS Sphinx	5	159	March 27, 2025
Refresh Token TMS Sphinx	8	162	September 19, 2024
Refresh Token with Sphinx and Webcore TMS Sphinx tmswebcore	2	27	February 13, 2026
How to keep Access token valid from refresh token TMS FNC Cloud Pack	3	64	October 1, 2025
Enable updated JWTs to be sent to extend the exp (Expiry) time BIZ Feature Requests sphinx	4	167	December 12, 2024

How to use RefreshRokens?

Related topics