Through the Hybrid Flow, it is possible to have returned refresh tokens. When the access token expires, the application can use the refresh token to obtain a new access token. It can do this behind the scenes, and without the user’s involvement, so that it’s a seamless process to the user.
grant_typeparameter should always have a value of
refresh_tokenin this flow and the value of the
refresh_tokenparameter should be the actual refresh token obtained by the client after some other flow, like the code flow, which included a refresh token.
- You'll obtain refresh token and access token via the following Token endpoint: https://api.sandbox.mobilepay.dk/merchant-authentication-openidconnect/c...
- As long as you’ve obtained the access token and refresh token, you do not need to think about Authorization Code. Especially since you are only required to deliver the access token in the API request. You do not deliver the Authorization Code in the API request.
how long is it?it is always 64 chars
RequestRefreshToken extension method has convenience properties for the
refresh_token grant type: