oauth access token to get new access token

111 views Asked by At

Can an access token be used to obtain a new access token, or must you use a refresh token? Currently my oauth provider isn't providing a refresh token so I am trying to understand the capability, as I don't want to repass user/pw to provider after initial bearer token request.

1

There are 1 answers

0
ishan05 On BEST ANSWER

I don't believe there is a possible way to get an access token without using a non-blacklisted refresh token. This is by design, since we don't want access tokens to be used for something they were not granted for. Ideally you would have saved a refresh token to get a new access token. Of course if the refresh token is expired or explicitly blacklisted by the server, you need to acquire a new one.

I found this helpful article here on it:

https://auth0.com/learn/refresh-tokens/