Hello,
With a SPA, in order to get the refresh token from the /token endpoint:
- SPA: set config useRefreshTokens to true
- API Config: set Allow Offline Access to true
- Application config: Advanced Settings \ Grant Types \ Refresh Token enable
- Application config: enable Refresh Token Rotation
Enabling RTR was the key for me to retrieve the refresh token.
Hope this helps!