| Warning |
|---|
This page is under construction |
Refresh token grant can be used when the current access token is expired or need to get a new access token. At this grant type Refresh token act as a credential and is issued to the client by the authorization server. Issuing a refresh token is optional and if the authorization server issues a refresh token, it is included when issuing an access token. WSO2 Identity Server issues refresh tokens for grant types other than implicit grant as recommanded by the specification as well.
Flow:
In order to use this grant type, a refresh token needs to be already received when using a grant type like authorization code, password or client credentials. Then using this received refresh token, a new access token can be received along with a new refresh token without going through any other additional steps.
...