> ## Documentation Index > Fetch the complete documentation index at: https://docs.meshconnect.com/llms.txt > Use this file to discover all available pages before exploring further. # Refresh auth token > Refresh auth token of the connected institution. Some institutions do not require tokens to be refreshed. The following institutions require custom flows: WeBull: AuthToken should be provided along with the RefreshToken Vanguard: security settings may activate MFA, requiring user action. If MFA is triggered, a second refresh request should be sent. Second request should contain MFA code and access token obtained from initial response ## OpenAPI ````yaml post /api/v1/token/refresh openapi: 3.0.1 info: title: Mesh Connect Integration API description: >- Mesh allows users to connect accounts of financial institutions, crypto exchanges, and self-custody wallets. Mesh handles credential validation, MFA, and error handling for each integration. After an account is connected, Mesh allows client applications to read holdings, transaction history and balances and execute crypto transfers (with user approval). version: '1.0' servers: - url: https://integration-api.meshconnect.com - url: https://sandbox-integration-api.meshconnect.com security: - Client-Secret: [] Client-Id: [] tags: - name: BlockchainQuery - name: Integrations account information - name: Managed Account Authentication description: >- The recommended approach for account authentication. Front manages multiple authentication flows and handles all authentication steps such as MFA codes and OAuth redirect through our web and mobile SDKs. - name: Portfolio description: | ### Supported integrations: ```Robinhood``` ```Coinbase``` ```Kraken``` ```CryptoCom``` ```OpenSea``` ```Binance``` ```Gemini``` ```OkCoin``` ```KuCoin``` ```CexIo``` ```BinanceInternational``` ```Bitstamp``` ```GateIo``` ```Okx``` ```BitFlyer``` ```Coinlist``` ```Huobi``` ```Bitfinex``` ```KrakenDirect``` ```BinanceInternationalDirect``` ```BitfinexDirect``` ```Bybit``` ```Paxos``` ```CoinbasePrime``` ```BtcTurkDirect``` ```KuCoinDirect``` ```OkxOAuth``` ```ParibuDirect``` ```RobinhoodConnect``` ```BlockchainCom``` ```BitsoDirect``` ```BinanceOAuth``` ```BybitDirect``` ```ParibuOAuth``` ```BinanceTrDirect``` ```BybitDirectMobile``` ```Sandbox``` ```Uphold``` ```SandboxCoinbase``` ```BluvoKrakenOAuth``` ```DeFiWallet``` - name: Balance description: | ### Supported integrations: ```Robinhood``` ```Coinbase``` ```Kraken``` ```CryptoCom``` ```Binance``` ```Gemini``` ```OkCoin``` ```KuCoin``` ```CexIo``` ```BinanceInternational``` ```Bitstamp``` ```GateIo``` ```Okx``` ```BitFlyer``` ```Coinlist``` ```Huobi``` ```Bitfinex``` ```KrakenDirect``` ```BinanceInternationalDirect``` ```BitfinexDirect``` ```Bybit``` ```Paxos``` ```CoinbasePrime``` ```BtcTurkDirect``` ```KuCoinDirect``` ```OkxOAuth``` ```ParibuDirect``` ```RobinhoodConnect``` ```BlockchainCom``` ```BitsoDirect``` ```BybitDirect``` ```ParibuOAuth``` ```BinanceTrDirect``` ```BybitDirectMobile``` ```Sandbox``` ```Uphold``` ```SandboxCoinbase``` ```BluvoKrakenOAuth``` - name: Transfers description: > ### Supported integrations: ```Robinhood``` ```Coinbase``` ```Kraken``` ```CryptoCom``` ```Binance``` ```Gemini``` ```OkCoin``` ```KuCoin``` ```BinanceInternational``` ```Bitstamp``` ```GateIo``` ```Okx``` ```Huobi``` ```Bitfinex``` ```KrakenDirect``` ```BinanceInternationalDirect``` ```BitfinexDirect``` ```Bybit``` ```Paxos``` ```CoinbasePrime``` ```BtcTurkDirect``` ```ParibuDirect``` ```RobinhoodConnect``` ```BlockchainCom``` ```BinanceConnect``` ```RevolutConnect``` ```BinancePay``` ```BybitDirect``` ```ParibuOAuth``` ```PayPalConnect``` ```CoinbaseRamp``` ```BybitDirectMobile``` ```Sandbox``` ```CryptoComPay``` ```Uphold``` ```BinancePayOnchain``` ```SandboxCoinbase``` ```BybitPay``` ```DeFiWallet``` ### Integration-specific notes: #### Robinhood: Cryptocurrency transfers should be enabled in Robinhood settings. Transfers are disabled by default, enabling them for end users requires a review from Robinhood. Please note: * `MfaCode` parameter is required to initiate a transaction in Robinhood. * The user's security settings should be configured to use an authenticator application. * Robinhood doesn't allow initiation of transactions if the authenticator application is not configured. #### Coinbase: `MfaCode` parameter should be used to initiate transactions in Coinbase. * If the end user's Coinbase account is configured to use text messages (SMS) for two factor authentication, the API will return `MfaRequired` status, and a text code will then be sent by Coinbase. The code is expected to be provided in the subsequent call using the `MfaCode` request field * If the account is configured to use an authenticator application, the API is expecting to get the code in the `MfaCode` request field. #### Kraken: Kraken requires the explicit chain name to be provided (e.g. `Dogecoin` or `Ethereum (ERC20)`). The list of possible chains can be obtained by calling `symbol/details` endpoint. To initiate a transaction, a Kraken Address Key name should be provided in `TargetAddress` field. Target address should be added using Kraken UI, then its name should be used. #### Binance: `Enable Withdrawals` permission should be given to the user's API key to initiate transfers with Binance Us. Binance requires adding the IP address to the list of trusted IPs to be able to create API keys with transfer permission. * Please reach out to Front to get the static IP address. This address should be provided to the end user, and the user should be instructed to add it to the list of trusted IP addresses. * By default, the permission to enable withdrawals is turned off. If the end user's API key does not have the permission, asset transfers will not be available. #### KuCoin: KuCoin requires adding the IP address to the list of trusted IPs to be able to create API keys with transfer permission. `Fee` parameter should be used to initiate a transaction in KuCoin. Please note: * Please reach out to Front to get the static IP address. This address should be provided to the end user, and the user should be instructed to add it to the list of trusted IP addresses. * All currencies have their minimum `fee` and `amount` requirements. Please use `symbol/details` endpoint to get this data for a particular symbol. * KuCoin requires chain name to be provided for getting deposit address or initiating a cryptocurrency transfer. Some cryptocurrencies are supported over multiple chains. It's recommended to use `symbol/details` endpoint to get the list of supported chains and show it to the end user to select a target one. #### BinanceInternational: `Enable Withdrawals` permission should be given to the user's API key to initiate transfers with Binance International. Binance requires adding the IP address to the list of trusted IPs to be able to create API keys with transfer permission. * Please reach out to Front to get the static IP address. This address should be provided to the end user, and the user should be instructed to add it to the list of trusted IP addresses. * By default, the permission to enable withdrawals is turned off. If the end user's API key does not have the permission, asset transfers will not be available. #### GateIo: Gate.io requires adding IP address to the list of trusted IP addresses to be able to initiate a cryptocurrency transfers. Withdrawal address should be already verified or added on the Gate.io UI (in mobile application or on the web site). * Please reach out to Front to get the static IP address for withdrawals. This address should be provided to the end user, and the user should be instructed to add it to the list of trusted IP addresses. * Only verified withdrawal blockchain addresses are allowed for withdrawal with Gate.io API. * Gate.io requires chain name to be provided for getting deposit address or initiating a cryptocurrency transfer. Some cryptocurrencies are supported over multiple chains. It's recommended to use `symbol/details` endpoint to get the list of supported chains and show it to the end user to select a target one. #### Huobi: Warning: Huobi does not refund executed deposits that are below the `Minimum Deposit Amount` * Please check the MinimumDepositAmount in Get Deposit Address response in order to avoid making a deposit below the minimum amount * Huobi does not allow withdrawals to addresses that are not white-listed, please add the address that you would like to withdraw to the white list of addresses through the UI so that a withrawal can be processed #### Bitfinex: * The hash of transfer is not available when making a transfer in Bitfinex. To get the hash please re-query the transfer using the transaction id. * Bitfinex does not separate sub-accounts when returning the list of transfers.Therefore the same list of transfers is returned for all Bitfinex sub-accounts. #### KrakenDirect: Kraken requires the explicit chain name to be provided (e.g. `Dogecoin` or `Ethereum (ERC20)`). The list of possible chains can be obtained by calling `symbol/details` endpoint. To initiate a transaction, a Kraken Address Key name should be provided in `TargetAddress` field. Target address should be added using Kraken UI, then its name should be used. #### BitfinexDirect: * The hash of transfer is not available when making a transfer in Bitfinex. To get the hash please re-query the transfer using the transaction id. * Bitfinex does not separate sub-accounts when returning the list of transfers.Therefore the same list of transfers is returned for all Bitfinex sub-accounts. - name: Assets - name: Managed Transfers - name: Wallets paths: /api/v1/token/refresh: post: tags: - Managed Account Authentication summary: Refresh auth token description: "Refresh auth token of the connected institution.\r\nSome institutions do not require tokens to be refreshed.\r\n \r\nThe following institutions require custom flows:\r\n \r\nWeBull: AuthToken should be provided along with the RefreshToken\r\n \r\nVanguard: security settings may activate MFA, requiring user action.\r\nIf MFA is triggered, a second refresh request should be sent.\r\nSecond request should contain MFA code and access token obtained from initial response" requestBody: content: application/json: schema: allOf: - $ref: '#/components/schemas/BrokerRefreshTokenRequest' example: refreshToken: Secret refresh token type: coinbase responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/B2BBrokerRefreshTokenResponseApiResult' example: content: status: succeeded expiresInSeconds: 86400 brokerAccountTokens: - accessToken: New secret token refreshToken: New secret refresh token status: ok message: '' errorHash: 9d3039e8 teamCode: P4 errorType: '' '400': description: Bad Request content: application/json: schema: $ref: '#/components/schemas/ApiResult' example: status: badRequest message: Unauthorized token displayMessage: >- Could not refresh the authentication token. The provided data is not correct errorHash: 1bc4f94f teamCode: P4 errorType: badRequest '401': description: Unauthorized content: application/json: schema: {} components: schemas: BrokerRefreshTokenRequest: required: - refreshToken - type type: object properties: type: enum: - robinhood - eTrade - alpaca - tdAmeritrade - weBull - stash - interactiveBrokers - public - coinbase - kraken - coinbasePro - cryptoCom - openSea - binanceUs - gemini - cryptocurrencyAddress - cryptocurrencyWallet - okCoin - bittrex - kuCoin - etoro - cexIo - binanceInternational - bitstamp - gateIo - acorns - okx - bitFlyer - coinlist - huobi - bitfinex - deFiWallet - krakenDirect - vanguard - binanceInternationalDirect - bitfinexDirect - bybit - paxos - coinbasePrime - btcTurkDirect - kuCoinDirect - okxOAuth - paribuDirect - robinhoodConnect - blockchainCom - bitsoDirect - binanceConnect - binanceOAuth - revolutConnect - binancePay - bybitDirect - paribuOAuth - payPalConnect - binanceTrDirect - coinbaseRamp - bybitDirectMobile - sandbox - cryptoComPay - bybitEuDirect - uphold - binancePayOnchain - sandboxCoinbase - bybitPay - bluvoKrakenOAuth - cashApp allOf: - $ref: '#/components/schemas/BrokerType' refreshToken: minLength: 1 type: string createNewRefreshToken: type: boolean description: "Optional, used when we the refresh token should be refreshed.\r\nCurrently this flow is supported by TD Ameritrade" nullable: true accessToken: type: string description: "Some institutions may require accessToken to be provided as well.\r\nIt's currently required by WeBull and Vanguard" nullable: true tradeToken: type: string description: Currently used to update WeBull trade token. nullable: true mfaCode: type: string description: >- Optional, currently used by Vanguard if account has enforced MFA enabled. nullable: true metadata: type: object additionalProperties: type: string nullable: true description: Additional metadata nullable: true additionalProperties: false B2BBrokerRefreshTokenResponseApiResult: type: object properties: status: enum: - ok - serverFailure - permissionDenied - badRequest - notFound - conflict - tooManyRequest - locked - unavailableForLegalReasons allOf: - $ref: '#/components/schemas/ApiResultStatus' readOnly: true message: type: string description: A message generated by the API nullable: true displayMessage: type: string description: User-friendly display message that can be presented to the end user nullable: true errorHash: type: string description: >- An error grouping hash from string components and caller information. Used by bugsnag on FE for correct error grouping nullable: true readOnly: true teamCode: type: string description: "Opaque team code for error routing. Resolved from exception origin or caller file path via CODEOWNERS.\r\nFormat: 2-character code (e.g., \"7K\", \"M2\"). Use for alerting/routing, not display." nullable: true readOnly: true errorType: type: string description: "Strictly-typed error type that is explaining the reason of an unsuccessful status of the operation.\r\nAll possible error types are available in the documentation." nullable: true errorData: nullable: true readOnly: true content: allOf: - $ref: '#/components/schemas/B2BBrokerRefreshTokenResponse' nullable: true additionalProperties: false ApiResult: type: object properties: status: enum: - ok - serverFailure - permissionDenied - badRequest - notFound - conflict - tooManyRequest - locked - unavailableForLegalReasons allOf: - $ref: '#/components/schemas/ApiResultStatus' readOnly: true message: type: string description: A message generated by the API nullable: true displayMessage: type: string description: User-friendly display message that can be presented to the end user nullable: true errorHash: type: string description: >- An error grouping hash from string components and caller information. Used by bugsnag on FE for correct error grouping nullable: true readOnly: true teamCode: type: string description: "Opaque team code for error routing. Resolved from exception origin or caller file path via CODEOWNERS.\r\nFormat: 2-character code (e.g., \"7K\", \"M2\"). Use for alerting/routing, not display." nullable: true readOnly: true errorType: type: string description: "Strictly-typed error type that is explaining the reason of an unsuccessful status of the operation.\r\nAll possible error types are available in the documentation." nullable: true errorData: nullable: true readOnly: true additionalProperties: false BrokerType: enum: - robinhood - eTrade - alpaca - tdAmeritrade - weBull - stash - interactiveBrokers - public - coinbase - kraken - coinbasePro - cryptoCom - openSea - binanceUs - gemini - cryptocurrencyAddress - cryptocurrencyWallet - okCoin - bittrex - kuCoin - etoro - cexIo - binanceInternational - bitstamp - gateIo - acorns - okx - bitFlyer - coinlist - huobi - bitfinex - deFiWallet - krakenDirect - vanguard - binanceInternationalDirect - bitfinexDirect - bybit - paxos - coinbasePrime - btcTurkDirect - kuCoinDirect - okxOAuth - paribuDirect - robinhoodConnect - blockchainCom - bitsoDirect - binanceConnect - binanceOAuth - revolutConnect - binancePay - bybitDirect - paribuOAuth - payPalConnect - binanceTrDirect - coinbaseRamp - bybitDirectMobile - sandbox - cryptoComPay - bybitEuDirect - uphold - binancePayOnchain - sandboxCoinbase - bybitPay - bluvoKrakenOAuth - cashApp type: string ApiResultStatus: enum: - ok - serverFailure - permissionDenied - badRequest - notFound - conflict - tooManyRequest - locked - unavailableForLegalReasons type: string B2BBrokerRefreshTokenResponse: type: object properties: status: enum: - failed - succeeded - mfaRequired allOf: - $ref: '#/components/schemas/B2BBrokerAuthStatus' errorMessage: type: string nullable: true account: allOf: - $ref: '#/components/schemas/BrokerAccount' nullable: true deprecated: true accessToken: type: string nullable: true deprecated: true refreshToken: type: string nullable: true deprecated: true expiresInSeconds: type: integer format: int32 nullable: true refreshTokenExpiresInSeconds: type: integer format: int32 nullable: true brokerAccountTokens: type: array items: $ref: '#/components/schemas/BrokerAccountTokens' nullable: true additionalProperties: false B2BBrokerAuthStatus: enum: - failed - succeeded - mfaRequired type: string BrokerAccount: type: object properties: meshAccountId: type: string format: uuid frontAccountId: type: string format: uuid readOnly: true deprecated: true accountId: type: string nullable: true accountName: type: string nullable: true fund: type: number description: "Buying power of the account. Typically consists of cash plus available margin.\r\nFor non-margin accounts fund contains cash only" format: double nullable: true cash: type: number description: Cash balance in USD format: double nullable: true isReconnected: type: boolean description: "Indicates if this account was already connected by the current user and device.\r\nCan be null." nullable: true balances: type: array items: $ref: '#/components/schemas/BrokerFiatBalance' description: The list of all asset balances of account nullable: true additionalProperties: false BrokerAccountTokens: type: object properties: account: allOf: - $ref: '#/components/schemas/BrokerAccount' nullable: true accessToken: type: string nullable: true refreshToken: type: string nullable: true tokenId: type: string description: >- Token identifier provided by Mesh when the actual integration's token is managed by Mesh's Token Management System. nullable: true additionalProperties: false BrokerFiatBalance: type: object properties: symbol: type: string description: Account balance currency nullable: true buyingPower: type: number description: "BuyingPower indicates total amount of money the user can spend for buying stock. Always includes cash and\r\ncan also include margin" format: double nullable: true cryptoBuyingPower: type: number description: >- BuyingPower indicates total amount of money the user can spend for buying crypto. format: double nullable: true cash: type: number description: Account cash indicates total amount of money format: double nullable: true additionalProperties: false securitySchemes: Client-Secret: type: apiKey description: Contact Mesh to get client Secret name: X-Client-Secret in: header Client-Id: type: apiKey description: Contact Mesh to get client Id name: X-Client-Id in: header ````