Refresh Tokens
← Back to OAuth 2.0
Long-lived tokens used to obtain new access tokens without requiring the user to re-authenticate. Refresh tokens should be stored securely, rotated on use (one-time use), and revocable. They enable long user sessions while keeping access tokens short-lived.