Migrating From v6 to v7

Having a refresh token valid for a couple of years is definitely not a secure option. Can you tell me more about what part of our stack you use? Any docs , quickstarts? Thanks!