Refreshes an expired JWT access token using a valid refresh token.

POST 
/refresh

Decodes the expired access token, validates the refresh token against the stored user record, and issues new access/refresh tokens if valid. The refresh token expiry is extended.

Errors: Returns 400 Bad Request if the access or refresh token is invalid, expired, or does not match the user.

Request

Responses

200

OK