Refresh Tokens
Last updated
Last updated
Best approach would be that the user should always be presented with the notification of the new refresh token request, even if he was presented with that in the past.
Refresh Tokens should NEVER be exposed to the browser.
