I am using OAuth to generate access token from the refresh token, but when the access token is generated the refresh token is expiring. I think the Refresh token must not expire so that users can generate multiple access tokens using the same refresh token. If user did not use it more than 60 days you can invalidate the refresh token.
We are using it for automation purpose and user can not change the refresh token manually everyday on our server, and also we cannot change the refresh token of user as it is confidential.
so is there any solution we can expand the life spam of refresh token?
Please sign in to leave a comment.