Refresh token

Refresh token, as its name suggests, is used to refresh or reset the user's access token. When a user's access token expires, we check if the user has a refresh token. Then, we verify it against the one stored in our database. If correct, we renew both the access token and refresh token for that user. The refresh token is long-lived compared to the access token because of its use case. Because of the refresh token, the user doesn’t need to enter credentials again and again every time the access token expires. We just send the user to hit a specific endpoint, after which it is renewed.