The recommended approach to obtain tokens for the Management API is to make use of OAuth2 client credentials flow like it’s mentioned in the documentation you linked to.
A refresh token for client credentials grant is a bit redundant because a refresh token is meant to represent a specific grant that was issued and which can be reused to obtain refreshed access tokens at a later time. This is equivalent to the client identifier and client secret because that information when used within the scope of client credentials grant is already sufficient to represent the grant in question and can also be used to obtain refreshed access tokens.
In conclusion, the answer to your question is no. If you want to give access to the Management API to a given application then that application will need to know a client identifier and a client secret and perform a client credentials grant.