> ## Documentation Index
> Fetch the complete documentation index at: https://docs.plec-it.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Refresh access token

> Exchange a valid refresh token (cookie or body) for a new access token. Public endpoint.



## OpenAPI

````yaml POST /auth/refresh
openapi: 3.0.0
info:
  title: PLEC API
  description: PLEC backend API reference
  version: '1.0'
  contact: {}
servers:
  - url: https://api.plec-it.com
    description: Production
  - url: https://api-staging.plec-it.com
    description: Staging
  - url: http://localhost:3000
    description: Local Development
security: []
tags: []
paths:
  /auth/refresh:
    post:
      tags:
        - Auth
      summary: Refresh access token
      description: >-
        Exchange a valid refresh token (cookie or body) for a new access token.
        Public endpoint.
      operationId: AuthController_refresh
      parameters:
        - name: dryRun
          in: query
          description: >-
            When true, validates/simulates but performs no writes. Required for
            docs playground.
          required: true
          schema:
            type: string
            enum:
              - 'true'
            default: 'true'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RefreshBodyDto'
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthRefreshResponseDto'
        '400':
          description: Error response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiErrorResponseDto'
        '401':
          description: Error response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiErrorResponseDto'
components:
  schemas:
    RefreshBodyDto:
      type: object
      properties:
        refreshToken:
          type: string
          description: Refresh token (optional if sent in refresh_token cookie)
          example: abc123.def456
    AuthRefreshResponseDto:
      type: object
      properties:
        accessToken:
          type: string
          description: New JWT access token
          example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
      required:
        - accessToken
    ApiErrorResponseDto:
      type: object
      properties:
        message:
          type: string
          description: Human-readable error message
          example: Validation failed
        code:
          type: string
          description: Machine-readable error code
          example: BAD_REQUEST
        details:
          type: object
          description: Additional validation or context details
          example:
            - date must be a valid ISO 8601 date
      required:
        - message

````