I don’t hold the username and password of the user, so how can I
send a refresh token request if i don’t have the user credentials?
With the Refresh token grant flow:
-you receive one refresh token once the user authenticated (along with the access and or ID tokens). This refresh token is suppose to be stored in your app memory so you can make use of it whenever its needed (like for example to request new refresh token).
To implement the refresh token grant, there’s a need to add:
to the /authorize request (the one that initiates the authentication process) on your app code side.
2. Please enable the Refresh token grant flow for the application (client app) in question in your Auth0 tenant.
3. Please Allow Offline Access for the API in question in your Auth0 tenant, under Access Settings section.
Happy to follow up in case of more questions on this topic!