Training Camp • Cybersecurity Glossary
Refresh Token Definition: A refresh token is a long-lived OAuth 2.0 credential used to obtain new access tokens without re-authentication, often protected by rotation.
A refresh token is a long-lived credential issued in OAuth 2.0 alongside a short-lived access token, allowing a client to obtain new access tokens without prompting the user to re-authenticate. Because they grant continued access, refresh tokens are sensitive and require secure storage, and may be protected through rotation, where each use issues a new refresh token and invalidates the old one to detect token theft.