A refresh token allows you to maintain access without having to grant new access via Re logging in every single time you visit the site. How long those tokens are good for depends on the service and they should never ever be sent to the client because that is essentially your users password, right?
In this Hasty Treat, Scott and Wes talk all things oAuth - what is oAuth? What terms do you need to understand when working with oAuth? And tips for working with oAuth.
Show Notes
Tweet us your tasty treats