This is provided code from tutorial. Each time I get token, it is new (every time new iat). Is it correct behaviour? Each time I need to wait extra time (communication between authorization server and my app). I though that token is being cached in memory and I can use it until its expiration, and when it is expires, i get new using refresh token.
Thanks for the answer. Yes, this is what said in documentation too.
But for some reasons it is always new. I decode and print access_token on profile page (for testing purposes), and each time I press the Profile link in header, I get a new token.
ignoreCache not used. Can be somehow a reason the fact I am working on localhost?