You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/usage/refresh.md
+4
Original file line number
Diff line number
Diff line change
@@ -2,6 +2,10 @@ These are long-lived tokens which can be used to create a new access tokens once
2
2
3
3
Utilizing refresh tokens we can help reduce the damage that can be done if an access tokens is stolen. However, if an attacker gets a refresh tokens they can keep generating new access tokens and accessing protected endpoints as though he was that user. We can help combat this by using the fresh tokens pattern, discussed in the next section.
4
4
5
+
!!! note
6
+
For accessing **/refresh** endpoint remember to change **access_token** with **refresh_token** in the header
7
+
`Authorization: Bearer <refresh_token>`
8
+
5
9
Here is an example of using access and refresh tokens:
0 commit comments