> ## Documentation Index > Fetch the complete documentation index at: https://smartcar.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Refreshing Access Tokens > Your access token will expire **2 hours** after it is issued. When this happens, your application can retrieve a new one by using the corresponding `refresh_token` without requiring the user to re-authenticate. The Vehicles API v2.0 will be deprecated by **Q4 of 2026**. We recommend migrating to the [latest version](/api-reference/intro) as soon as possible to ensure continued support and access to new features. This refresh flow applies to per-vehicle OAuth tokens in the v2.0 API. The v3 API uses [application-level M2M tokens](/api-reference/authorization/overview), which are short-lived and re-requested with client credentials rather than refreshed. A refresh token is invalidated 10 minutes after use. If your first attempt at refreshing tokens fails, ensure you retry within 10 minutes. Please ensure you're persisting **both the newly minted access and refresh token**. Failure to do so will require the user to authenticate again after the access token has expired. ## Request **Headers** Must be set to `application/x-www-form-urlencoded`, matching the format of the request body. A valid HTTP User Agent value. This value is typically included in the HTTP requests by the client that is making the request. You usually don't have to set this manually. **Body** This value must be set to `refresh_token` The refresh token received in the response with the access token from an [auth code exchange](/api-reference/authorization/auth-code-exchange) or prior token refresh. **Response**