Why dont i get a new refresh token when i refresh access token in Salesfroce?

Question

When i first authenticate to Salesforce I get an access token and a refresh token. But if the access token has expired i make a call using the refresh token to get a new access token , but in the response there is no new refresh token , is that correct , does the refresh token nver expire for Salesforce .

Here is the call i am making to get a new access token using the refresh call.

         var client = new 
            RestClient("https://myOrg.salesforce.com/services/oauth2/token");
        var request = new RestRequest("", Method.POST);
        request.AddParameter("refresh_token", {currentRefreshToken}, 
             ParameterType.GetOrPost);
        request.AddParameter("grant_type", "refresh_token", ParameterType.GetOrPost);
        request.AddParameter("client_id", {clientId}, ParameterType.GetOrPost);
        request.AddParameter("client_secret", {clientsecret}, ParameterType.GetOrPost);
        var response = client.Execute(request);

I would have expected a new Refresh token in the response ?

Answer 1

What does the documentation say? An Authorization Server does not have to roll refresh tokens. It also doesn't mean that the refresh token does not expire. If the refresh token is a JWT you can decode it and check the expiration time. Otherwise, you can use it for as long as you don't get a 401 response from the refresh endpoint. Once you do, it means that you have to perform the authorization flow once more.