This is to demonstrate how refresh_token can be rotated from VIP Auth Hub as Authorization Provider.
Release : Oct.05
This feature is documented as below.
Following is the demonstration:
1. Obtain a Refresh Token
We use "/token" endpoint with scope as "offline_access" to get a Refresh Token
We got "refresh_token": "apuRLPNo0kTWGrXKopnqYUb0tXeoBaNQUHyC"
2. Obtain both new Access Token and new Refresh Token using the Refresh Token grants
In the "/token" endpoint request body, enter the value of the obtained Refresh Token above.
Refresh Token is updated, i.e. "refresh_token": "O8d230jD03B7GkPIvYJfbOhoWX4YCw98Atmx", with a renewed expires_in value.