Renovação
A renovação do token deve ser utilizada quando for necessário manter o usuário logado mesmo após a expiração do access_token.
Para renovar o token, precisa apenas informar o usuário utilizado no login. A API de Segurança irá validar os dados de acesso do usuário, e caso seja da mesma origem, um novo access_token será gerado sem a necessidade de informar a senha.
Por exemplo:
- Usuário:
teste@gmail.com
Montando a requisição
Método da requisição
POSTEndereço da requisição
Desenvolvimento:
https://apidsv.unimedbh.io/security/v1/refreshHomologação:
https://apihml.unimedbh.io/security/v1/refreshProdução:
https://api.unimedbh.io/security/v1/refreshCabeçalho da requisição
{
"Content-Type": "application/json"
}Corpo da requisição
{
"username": "teste@gmail.com"
}Respostas da requisição
200 - Sucesso
{
"uid": "teste@gmail.com",
"name": "MARGARIDA",
"fullName": "MARGARIDA RAMOS DE PAULA",
"email": "teste@gmail.com",
"cpf": "52253155691",
"birthday": "26/06/1936",
"personId": 3181886,
"token": "AQIC5wM2LY4SfcyS8UGjl8mQEGH-Y0q0RXBoezMxrDFWiak.*AAJTSQACMDIAAlNLABMtMzQwMzYxMDcxMjM1MTg2OTI3AAJTMQACMDE.*",
"cookies": [
"amlbcookiehx=cluster_openam.unisrv1192; Domain=.unimedbh.com.br; Path=/",
"amlbcookiehx=cluster_openam.unisrv1192; Domain=.unimedbh.io; Path=/",
"unibhAT=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MDMwMDgyMDgsInVzZXJfbmFtZSI6InRlc3RlQGdtYWlsLmNvbSIsImp0aSI6IjU4MTY3ZTY5LTQyOWItNGEyYi1iYTFjLWExNjI4OWIxOTZiMCIsImNsaWVudF9pZCI6ImFjZXNzb2RzdiIsInNjb3BlIjpbInJlYWQiLCJ3cml0ZSJdfQ.e3InzRkZ01ClrZZbJ4PJcF7GbcJ5umGhE4eYr5UL4C5rEkbBUAPA36Fcqw09Ynkg_hipuyT9XCCMcZua3ILNOb-qKhh0gP8V5-rDoetJVFZBEgHoZq5sy13pWcnwxT2ggS9Ddyky7_Rl5L9_yNHUtnCyreZ4X7m3O3VJbT9cSd3l93ZkpXp6jCNGwy3RK6fX8-k3Nr0ycENj6VqETZTZ_98R7w0EAvI3T7PGcqmVs4YDEStpd0zLhmJYU3JELhv7q6cDlc9Og2RMjHZq7q5LRp4lJerHS7XKHKyO-L-s4n544h7ec_UTobFnJHedg5wumatF06IPOtNMrRzvsTLkNw;domain=unimedbh.com.br;path=/"
],
"roles": [],
"fullRoles": [],
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MDMwMDgyMDgsInVzZXJfbmFtZSI6InRlc3RlQGdtYWlsLmNvbSIsImp0aSI6IjU4MTY3ZTY5LTQyOWItNGEyYi1iYTFjLWExNjI4OWIxOTZiMCIsImNsaWVudF9pZCI6ImFjZXNzb2RzdiIsInNjb3BlIjpbInJlYWQiLCJ3cml0ZSJdfQ.e3InzRkZ01ClrZZbJ4PJcF7GbcJ5umGhE4eYr5UL4C5rEkbBUAPA36Fcqw09Ynkg_hipuyT9XCCMcZua3ILNOb-qKhh0gP8V5-rDoetJVFZBEgHoZq5sy13pWcnwxT2ggS9Ddyky7_Rl5L9_yNHUtnCyreZ4X7m3O3VJbT9cSd3l93ZkpXp6jCNGwy3RK6fX8-k3Nr0ycENj6VqETZTZ_98R7w0EAvI3T7PGcqmVs4YDEStpd0zLhmJYU3JELhv7q6cDlc9Og2RMjHZq7q5LRp4lJerHS7XKHKyO-L-s4n544h7ec_UTobFnJHedg5wumatF06IPOtNMrRzvsTLkNw",
"expires_in": "3599"
}Caso passe na validação de segurança, serão retornados dois novos tokens:
token- Controlado pelo OpenAMaccess_token- Controlado pela API de Segurança
400 - Dados Inválidos
{
"date": "19/12/2023 16:51:42",
"message": "O campo 'username' é obrigatório.",
"details": []
}401 - Não autorizado
{
"date": "19/12/2023 16:29:32",
"message": "Unauthorized!",
"details": []
}403 - Acesso negado
{
"date": "19/12/2023 16:29:32",
"message": "Forbidden!",
"details": []
}Exemplos da requisição
HTTP
POST /security/v1/refresh HTTP/1.1
Host: apihml.unimedbh.io
Content-Type: application/json
Content-Length: 61
{
"username": "teste@gmail.com"
}cURL
curl --location 'https://apihml.unimedbh.io/security/v1/refresh' \
--header 'Content-Type: application/json' \
--data-raw '{
"username": "teste@gmail.com"
}'JavaScript
const myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
const raw = JSON.stringify({
"username": "teste@gmail.com"
});
const requestOptions = {
method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://apihml.unimedbh.io/security/v1/refresh", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));Node.js
const axios = require('axios');
const data = JSON.stringify({
"username": "teste@gmail.com"
});
const config = {
method: 'post',
maxBodyLength: Infinity,
url: 'https://apihml.unimedbh.io/security/v1/refresh',
headers: {
'Content-Type': 'application/json'
},
data : data
};
axios.request(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});PHP
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://apihml.unimedbh.io/security/v1/refresh',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{
"username": "teste@gmail.com"
}',
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;Java
Unirest.setTimeouts(0, 0);
HttpResponse<String> response = Unirest.post("https://apihml.unimedbh.io/security/v1/refresh")
.header("Content-Type", "application/json")
.body("{\"username\": \"teste@gmail.com\"}")
.asString();C#
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "https://apihml.unimedbh.io/security/v1/refresh");
var content = new StringContent("{\"username\": \"teste@gmail.com\"}", null, "application/json");
request.Content = content;
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Console.WriteLine(await response.Content.ReadAsStringAsync());