How to request for an extended scope refresh token in docusign while refreshing access token

Question

I have included the 'extended' scope while generating the authorization URI for oauth code grant flow, but while refreshing the access token, in the response I am getting the scope as 'signature'. How to get the refresh token with extended scope when refreshing the access token. I have attached my code to get the access token from refresh token.

        auth_string = "{0}:{1}".format(
            DOCUSIGN_CLIENT_ID, DOCUSIGN_CLIENT_SECRET
        )
        auth_encoded_hash = b64encode(auth_string.encode("utf-8"))
        auth_header = auth_encoded_hash.decode("utf-8")

 
        url = "https://account-d.docusign.com/oauth/token"

        headers = {
            "Authorization": "Basic {0}".format(auth_header),
            "Content-Type": "application/x-www-form-urlencoded",
        }

        body = {"grant_type": "refresh_token", "refresh_token": refresh_token}
        _response = requests.post(url, data=body, headers=headers)
        response = _response.json() # here I am getting scope as 'signature'

My second follow up question on this, if the refresh token itself get expires while refreshing the access token what would be the error message I will be getting in the response above?

Answer 1

The "extended" scope is needed when you originally consent and get the token from the user so that the refresh token will not expire for 30 days. It is not needed every time you use said refresh token to obtain a new access token.

Error messages for an expired token will typically get an invalid grant error, but the error is subject to change, you should handle all errors and not look for a particular error string.

See Which is the error returned when a DocuSign refresh token is expired? for similar question/answer.