Refresh token from Backend or Frontend?

Does the Refresh Token need to be handled from FrontEnd or BackEnd side??

Do I need to call just once the /oauth/token endpoint? Or should be one for the grant_type=client_credentials and another one for grant_type=refresh_token?


Hi @marmv90,

There are different types of refresh tokens. This docs explains it, generally.

Typically, the refresh token is going to be handled in whatever application requests it. For example, a React SPA can request a rotating refresh token that will be used to maintain the session between page refreshes, etc. A native app may request a long lived refresh token to keep a user’s session from expiring for a much longer period.

I would suggest using one of our SDKs, which handles most of these transactions for you. If you haven’t already, checkout our quickstarts.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.