Layers
Partner APIAPI referenceSocial accounts

POST /v1/projects/:projectId/social/reauth-url

Create a reconnect URL when a social account's tokens expire or get revoked upstream.

View as Markdown
POST/v1/projects/:projectId/social/reauth-url
Phase 1stable
Auth
Bearer
Scope
social:write

Create a fresh authorize URL for an account whose status has moved to reauth_required. The consent flow is identical to oauth-url — platform-domain page, your returnUrl, poll oauth-status — but on success the tokens bind back to the same socialAccountId instead of creating a new one.

Use this when you detect reauth_required in GET /v1/projects/:id/social-accounts, or when a scheduled post fails with CREDENTIAL_INVALID.

Path
  • projectId
    stringrequired
    Project owning the account.
Body
  • socialAccountId
    stringrequired
    Account id returned by list-social-accounts.
  • returnUrl
    string (URL)required
    Where Layers redirects after consent. Must be in the key's return_url_allowlist.
  • scopes
    string[]optional
    Override the default platform scope set. Max 32 entries, each ≤ 64 chars.

Example request

curl https://api.layers.com/v1/projects/prj_01HX9Y7K8M2P4RSTUV56789AB/social/reauth-url \
  -H "Authorization: Bearer lp_live_01HX9Y6K7EJ4T2_4QZpN..." \
  -H "Content-Type: application/json" \
  -d '{
    "socialAccountId": "sa_01HXZ9P2M4N5KLM6TUV7WXYZ9A",
    "returnUrl": "https://app.gicgrowth.com/reconnect/tiktok/return"
  }'
const { authorizeUrl, state } = await layers.social.createReauthUrl({
  projectId: "prj_01HX9Y7K8M2P4RSTUV56789AB",
  socialAccountId: "sa_01HXZ9P2M4N5KLM6TUV7WXYZ9A",
  returnUrl: "https://app.gicgrowth.com/reconnect/tiktok/return",
});

window.location.assign(authorizeUrl);
result = layers.social.create_reauth_url(
    project_id="prj_01HX9Y7K8M2P4RSTUV56789AB",
    social_account_id="sa_01HXZ9P2M4N5KLM6TUV7WXYZ9A",
    return_url="https://app.gicgrowth.com/reconnect/tiktok/return",
)

Response

200Reauth URL created
{
  "authorizeUrl": "https://www.tiktok.com/v2/auth/authorize?client_key=...&state=st_01HXZB...",
  "state": "st_01HXZB4P9K2M3N4P5QRS6TUV7W",
  "expiresAt": "2026-04-18T19:12:11Z"
}

Once the user completes consent, the account's status returns to connected and the existing socialAccountId keeps its scheduled posts and metrics history.

Errors

StatusCodeWhen
400VALIDATIONreturnUrl not an absolute URL, socialAccountId malformed, or platform of the account is not reauth-eligible (only TikTok and Instagram are reauthable today).
401UNAUTHENTICATEDMissing or invalid key.
403FORBIDDEN_SCOPEKey lacks social:write.
403RETURN_URL_NOT_ALLOWEDreturnUrl not in the allowlist.
404NOT_FOUNDProject or account not in your organization, or the account is already disconnected — use oauth-url to create a fresh binding.

See also

GET /v1/projects/:projectId/social-accounts

List connected and leased accounts on a project.

DELETE /v1/social-accounts/:socialAccountId

Revoke a social account. Cancels any scheduled posts on it.

On this page

Example requestResponseErrorsSee also