Overview

This documentation explains how to refresh expired tokens for your embedded Cekura agents to maintain uninterrupted service.

Base URL

https://api.cekura.ai

Authentication Endpoint

Refresh Token

POST /user/v1/embedded/refresh/
This endpoint generates a new access token using your refresh token when the current access token expires.

Request Headers

HeaderDescription
Content-Typeapplication/json

Request Body

{
    "refresh": "YOUR_REFRESH_TOKEN"
}

Parameters

  • refresh (string, required): Your valid refresh token obtained from the initial token generation

Response

A successful request will return a new access token for continued agent embedding.

Success Response Example

{
    "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Response Fields

  • access (string): New JWT access token for embedding the agent

Error Responses

Status CodeDescription
400Invalid request parameters
401Invalid or expired refresh token
403Unauthorized access
500Internal server error

Implementation Steps

  1. Monitor your access token’s expiration
  2. Before the access token expires, use your refresh token to request a new one
  3. Update your application with the new access token
  4. Continue using the agent embed widget with the new token

Token Lifecycle

  • Access tokens expire after 24 hours (1 day)
  • Refresh tokens have a longer lifetime than access tokens
  • If the refresh token expires, you’ll need to generate new tokens using the initial token generation endpoint
  • Implement proper error handling for failed refresh attempts

Security Considerations

  • Store refresh tokens securely
  • Use HTTPS for all API calls
  • Implement proper error handling
  • Clear all tokens when removing the agent embed
  • Never expose tokens in client-side code