I don't understand how to use offline_access. Could you send me for example how do it? And where can I get a new Refresh token?

I added offline_access For all my users. And how can I use this? For generate a new refresh token.

I have this method

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
'clientId' => $client,
'clientSecret' => $secret,
'redirectUri' => 'https://site/xeroreports',
'urlAuthorize' => 'https://login.xero.com/identity/connect/authorize',
'urlAccessToken' => 'https://identity.xero.com/connect/token',
'urlResourceOwnerDetails' => 'https://identity.xero.com/resources'
]);

$newAccessToken = $provider->getAccessToken('refresh_token', [
'refresh_token' => $xero_refresh
]);

but I get only accses token

If I use

    $client = new \GuzzleHttp\Client();
    
    $response1 = $client->request('POST', 'https://identity.xero.com/connect/token', [
    'body' => '{"grant_type":"refresh_token", "refresh_token":"'. $xero_refresh .'"}',
    'headers' => [
    'Authorization' => 'Basic ' . $authpas,
    'Content-Type' => "application/x-www-form-urlencoded",
    ],
    ]); 
echo $newRefreshToken = $response1->getBody();

I have an error

Type: GuzzleHttp\Exception\ClientException Code: 400 Message: Client error: `POST https://identity.xero.com/connect/token` resulted in a `400 Bad Request` response: {error: unsupported_grant_type}

CodePudding user response：

$newAccessToken = $provider->getAccessToken('refresh_token', [
 'refresh_token' => $xero_refresh
]);

In the above snippet $newAccessToken isn't a string but an object. To get the new refresh token, it is just $newAccessToken->getRefreshToken() as mentioned in their wiki.