How to enable kong open id to refresh access token using refresh token once its expired? i have made the configurations according to the documentation ,but still refresh is not happening, Does the client need to handle that or openid plugin will take care of this?
@mukul_jayaprakash - If the openid /oauth endpoints are exposed to client and they are the one initiating the auth calls then yes, refresh is an operation that needs to be initiated from client side.
@JohnWilliams here iam using openid-plugin in kong route and it takes care of auth calls, token generation
Yes that is correct, but client would be the one who has information of tokens like access_token, refresh_token.
Then once the access_token has expired, client has to request a new access_token by using the refresh_token. In the response client will get a new access_token and refresh_token.
Check the link below,