This endpoint allows you to get a new session token and refresh token with the dct claim on the JWT which shows the active selected tenant for the user.
See Tenant Selection Article for more details of the usage.
Use authorization bearer header with the following format:
Authorization: Bearer <Project ID:Refresh JWT>
OK
{- "sessionJwt": "string",
- "refreshJwt": "string",
- "cookieDomain": "string",
- "cookiePath": "string",
- "cookieMaxAge": 0,
- "cookieExpiration": 0,
- "user": {
- "loginIds": [
- "string"
], - "userId": "string",
- "name": "string",
- "email": "string",
- "phone": "string",
- "verifiedEmail": true,
- "verifiedPhone": true,
- "roleNames": [
- "string"
], - "userTenants": [
- {
- "tenantId": "string",
- "roleNames": [
- "string"
], - "tenantName": "string"
}
], - "status": "string",
- "externalIds": [
- "string"
], - "picture": "string",
- "test": false,
- "customAttributes": { },
- "createdTime": 0,
- "TOTP": false,
- "SAML": false,
- "OAuth": {
- "property1": false,
- "property2": false
}, - "webauthn": true,
- "password": true,
- "ssoAppIds": [
- "string"
], - "givenName": "string",
- "middleName": "string",
- "familyName": "string",
- "editable": true
}, - "firstSeen": true,
- "idpResponse": {
- "samlResponse": "string",
- "samlGeneratedUser": "string",
- "samlGeneratedRoles": "string",
- "oidcResponse": "string",
- "oidcGeneratedUser": "string",
- "oidcGeneratedRoles": "string"
}
}