# POST /v1/projects/:projectId/social/reauth-url (/docs/api/reference/social-accounts/reauth-url)



<Endpoint method="POST" path="/v1/projects/:projectId/social/reauth-url" auth="Bearer" scope="social:write" phase="1" />

Create a fresh authorize URL for an account whose `status` has moved to `reauth_required`. The consent flow is identical to [`oauth-url`](/docs/api/reference/social-accounts/oauth-url) — platform-domain page, your `returnUrl`, poll [`oauth-status`](/docs/api/reference/social-accounts/oauth-status) — but on success the tokens bind back to the same `socialAccountId` instead of creating a new one.

Use this when you detect `reauth_required` in [`GET /v1/projects/:id/social-accounts`](/docs/api/reference/social-accounts/list-social-accounts), or when a scheduled post fails with `CREDENTIAL_INVALID`.

<Parameters
  title="Path"
  rows="[
  { name: 'projectId', type: 'string', required: true, description: 'Project owning the account.' },
]"
/>

<Parameters
  title="Body"
  rows="[
  { name: 'socialAccountId', type: 'string', required: true, description: 'Account id returned by list-social-accounts.' },
  { name: 'returnUrl', type: 'string (URL)', required: true, description: 'Where Layers redirects after consent. Must be in the key\'s return_url_allowlist.' },
  { name: 'scopes', type: 'string[]', description: 'Override the default platform scope set. Max 32 entries, each ≤ 64 chars.' },
]"
/>

## Example request [#example-request]

<Tabs items="['curl', 'TypeScript', 'Python']">
  <Tab value="curl">
    ```bash
    curl https://api.layers.com/v1/projects/prj_01HX9Y7K8M2P4RSTUV56789AB/social/reauth-url \
      -H "Authorization: Bearer lp_live_01HX9Y6K7EJ4T2_4QZpN..." \
      -H "Content-Type: application/json" \
      -d '{
        "socialAccountId": "sa_01HXZ9P2M4N5KLM6TUV7WXYZ9A",
        "returnUrl": "https://app.gicgrowth.com/reconnect/tiktok/return"
      }'
    ```
  </Tab>

  <Tab value="TypeScript">
    ```ts
    const { authorizeUrl, state } = await layers.social.createReauthUrl({
      projectId: "prj_01HX9Y7K8M2P4RSTUV56789AB",
      socialAccountId: "sa_01HXZ9P2M4N5KLM6TUV7WXYZ9A",
      returnUrl: "https://app.gicgrowth.com/reconnect/tiktok/return",
    });

    window.location.assign(authorizeUrl);
    ```
  </Tab>

  <Tab value="Python">
    ```python
    result = layers.social.create_reauth_url(
        project_id="prj_01HX9Y7K8M2P4RSTUV56789AB",
        social_account_id="sa_01HXZ9P2M4N5KLM6TUV7WXYZ9A",
        return_url="https://app.gicgrowth.com/reconnect/tiktok/return",
    )
    ```
  </Tab>
</Tabs>

## Response [#response]

<Response status="200" description="Reauth URL created">
  ```json
  {
    "authorizeUrl": "https://www.tiktok.com/v2/auth/authorize?client_key=...&state=st_01HXZB...",
    "state": "st_01HXZB4P9K2M3N4P5QRS6TUV7W",
    "expiresAt": "2026-04-18T19:12:11Z"
  }
  ```
</Response>

Once the user completes consent, the account's `status` returns to `connected` and the existing `socialAccountId` keeps its scheduled posts and metrics history.

## Errors [#errors]

| Status | Code                     | When                                                                                                                                                                              |
| ------ | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| 400    | `VALIDATION`             | `returnUrl` not an absolute URL, `socialAccountId` malformed, or platform of the account is not reauth-eligible (only TikTok and Instagram are reauthable today).                 |
| 401    | `UNAUTHENTICATED`        | Missing or invalid key.                                                                                                                                                           |
| 403    | `FORBIDDEN_SCOPE`        | Key lacks `social:write`.                                                                                                                                                         |
| 403    | `RETURN_URL_NOT_ALLOWED` | `returnUrl` not in the allowlist.                                                                                                                                                 |
| 404    | `NOT_FOUND`              | Project or account not in your organization, or the account is already disconnected — use [`oauth-url`](/docs/api/reference/social-accounts/oauth-url) to create a fresh binding. |

## See also [#see-also]

* [`GET /v1/projects/:id/social-accounts`](/docs/api/reference/social-accounts/list-social-accounts) — watch for `reauth_required`
* [`GET /v1/social/oauth-status/:state`](/docs/api/reference/social-accounts/oauth-status) — poll completion