Hi @tom27,
Welcome to the Auth0 Community!
For the first symptom, the token is expiring in 1 hour because you have set your API’s Token Expiration and Token Expiration for Browser Flows to 1 hour (3600 seconds). This will cause you to see the Login Required error and require reauthentication to get a new valid access token. Please refer to our Change access_token Expiration Time knowledge article.
As for the second symptom, it seems to be happening because it failed to exchange a refresh token for an access token. In this situation, you must ensure you are not reusing your refresh tokens when you have refresh token rotation enabled. You must use a new refresh token that was issued after getting a new access token and refresh token. (Reference: Use Refresh Token Rotation)
Thanks,
Rueben