Any plan to introduce the refresh_token scheme?

[retzero]

First Check

• I added a very descriptive title here.
• I used the GitHub search to find a similar question and didn't find it.
• I searched in the documentation/README.
• I already searched in Google "How to do X" and didn't find any information.
• I already read and followed all the tutorial in the docs/README and didn't find an answer.

Commit to Help

• I commit to help with one of those options 👆

Example Code

No.

Description

When the access_token expires, the user encounters 403 error.
Do you have plan to introduce refresh_token scenario also?

Operating System

Linux

Operating System Details

Ubuntu 22.04

Python Version

3.10.12

Additional Context

No response

[tiangolo]

A refresh token wouldn't add any extra security as the final public client would be the same one that gets access to it. A refresh token would make more sense in other OAuth2 flows, like a code flow, where a secure backend can hold the refresh token.