Hey All,

Hope this is the ride sub and is a super easy question but I just can't find anything on this so I feel I've missed something fundamental..

• Generating a JWT token [tick]
• Generating a Refresh token [tick]
• Using a Refresh token when access_token is expired [HELP!]

Say I have a route protected with [Authorize], api.mysite.com/protected/test and a user navigates to this route with an expired token we receive a 401 status with "Bearer error="invalid_token", error_description="The token is expired""

How/Where do I code it such that if the token is expired it's refreshed?

Currently the JWT token is generated on the login endpoint and I have another endpoint for the refresh token; do I need to redirect on 401 error or? What have I missed here?

Thanks for the help :)