Refresh Token Grant
This lesson discusses how to get an access token from a refresh token.
As we have seen earlier, the access token is valid only for a certain time frame and it expires after the frame has ended. The reason for this is to ensure security because if the access token gets stolen, the attacker can use it until it expires (which takes a long time) or it is blacklisted on the server.
If the client asks the user to authenticate and authorize every time the access token expires then it will be very frustrating. To avoid this, the client app can use a refresh token. A refresh token is a token that can be used to get the access token when it expires. This should be ...
Access this course and 1400+ top-rated courses and projects.