JWT Migration Non-Refreshable

Follow these steps to implement authentication with a non-refreshable token:
- A login is performed using the /api/auth/generate_tokens endpoint. An access token and a refresh token will be returned.
- The two tokens need to be stored for future use.
- Any authenticated request requires the access token to be present in the HTTP header, as was already the case with the legacy token.
- When the access token is about to expire, the refresh token can be used to obtain a new access token, using the
- Loop back to step 3, until the refresh token expires.
- To start over, a new login needs to be performed: return to step 1.
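
The decision a client makes on each pass through the steps above (use the access token, refresh it, or log in again), as an added example that is not code from the original page. It assumes both tokens are JWTs carrying the standard `exp` claim; the function names, the 60-second margin and the sample tokens are hypothetical and constructed for the illustration.

```python
import base64
import json
import time

REFRESH_MARGIN = 60  # assumed: refresh this many seconds before expiry


def jwt_exp(token):
    """Return the `exp` claim (Unix seconds) of a JWT, or None if unreadable.

    The signature is not verified: this is for client-side scheduling only;
    the server alone decides whether a token is valid.
    """
    try:
        part = token.split(".")[1]
        padded = part + "=" * (-len(part) % 4)  # restore stripped padding
        exp = json.loads(base64.urlsafe_b64decode(padded)).get("exp")
    except (IndexError, ValueError, AttributeError):
        return None
    return exp if type(exp) in (int, float) else None


def next_action(access_token, refresh_token, now=None):
    """Map the current token state to a step: 'use', 'refresh' or 'login'."""
    now = time.time() if now is None else now
    access_exp, refresh_exp = jwt_exp(access_token), jwt_exp(refresh_token)
    if access_exp is not None and now < access_exp - REFRESH_MARGIN:
        return "use"      # step 3: send the access token with the request
    if refresh_exp is not None and now < refresh_exp:
        return "refresh"  # step 4: trade the refresh token for a new access token
    return "login"        # step 6: nothing usable left, log in again


def make_sample_jwt(exp):
    """Build a constructed sample token (placeholder signature) for the demo."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header, payload = {"alg": "HS256", "typ": "JWT"}, {"exp": exp}
    return f"{enc(header)}.{enc(payload)}.constructed-signature"


if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed reference time
    access, refresh = make_sample_jwt(t0 + 300), make_sample_jwt(t0 + 3600)
    for offset in (0, 250, 1000, 4000):
        print(offset, next_action(access, refresh, now=t0 + offset))
```

A token that cannot be parsed is treated as expired, so a corrupted stored token leads to a fresh login rather than a request sent with an unusable credential.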