To use the refresh token, make a POST request to the service’s token endpoint with grant_type=refresh_token , and include the refresh token as well as the client credentials if required .
Read moreWhy do we need refresh token?
So why does a web application need a refresh token? The main reason to use refresh tokens in web applications is to reduce the lifetime of an access token . When a web application obtains an access token with a lifetime of five to 10 minutes, that token will likely expire while the user is using the application.
Read moreWhat is refresh token in API?
Refresh Tokens are credentials used to obtain access tokens . Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token becomes invalid or expires, or to obtain additional access tokens with identical or narrower scope.20 May 2017
Read moreIs refresh token a JWT?
The API returns a short-lived token (JWT), which expires in 15 minutes, and in HTTP cookies, the refresh token expires in 7 days. JWT is currently used for accessing secure ways on API, whereas a refresh token generates another new JWT access token when it expires or even before .
Read more