A bit old but this post has some good information on this topic:
Long story short, you need to pass the parameter access_type=offline, as well the connection_scope parameter with required scopes, when calling the Auth0 /authorize endpoint.
Auth0 doesn’t check for the expiration of tokens nor refresh them.