The OIDC access tokens created with a OIDC Authorization Flow requesting an Authorization Code will expire after the indicated time span. In those flows, you are also provided with a refresh token, that you can use to generate a fresh access token.
The refreshing of the access token using the refresh token requires the client secret information. It must be done from a secure backend to not expose confidential secrets.
The Access Token lifespan is 2 hours.
Example
curl -X 'POST' \
'https://demo.unidy.de/oauth/token' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"client_id": "ileuI8NDtt1WXEdp6xzekX7o7Sjp-m0lnQbWetmR4iQ",
"client_secret": "<CLIENT_SECRET>",
"refresh_token": "<REFRESH_TOKEN>",
"grant_type": "refresh_token"
}'The response will have the same information as the original access token response, just with a new access and refresh token.