Refresh token or create new token when access_token expired

I’m using two legged authentication which work find until I get token expired.

I stored the refresh_token when I got the response:

  "token_type": "bearer",
  "access_token": "<--redacted-->",
  "expires_in": 7776000,
  "refresh_token": "<--redacted-->"

Then if the token invalid then I use refresh_token to get the new one.

curl -u "tempmon06-3459:<--redacted-->" -d grant_type= refresh_token

All works well, but until I have an account which doesn’t login a long time(more than 90 days I think) then I got token invalid error again. I think refresh_token has expired. not sure if correct.

Then I changed my strategy to create new token every time the token expires by using

curl -u "tempmon06-3459:<--redacted-->" -d grant_type= client_credentials

Which works fine. Then I inject successfully the token and try to use it. I got the new token. But when setup WIFI, it fails on the last step "X Verify device ownership"

Like this image I found in the community.

Not sure what should I do next. Does the way I create new token is wrong, or did I missed any important step?

What I am thing is when generate the new token the token doesn’t know which user? If so I used this way:

which is

curl -X POST \ 
  -d 'username=<YOUR_PASSWORD> \ 
  -d 'password=<YOUR_PASSWORD>' \ 
  -d 'grant_type=password' \
  -d 'client_id=<WHATEVER>' \
  -d 'client_secret=<WHATEVER>'

But still no luck.

Any help? thanks a lot!

Because you need to have the client ID and client secret in order to issue a refresh token, there is basically no advantage of using a refresh token. You should just create a new token if the original token expires rather than trying to use a refresh token.