Hi!
We recently moved the user db for our backend API to Auth0, and thus updated our retooling to consume our API with the new Auth0 OAuth2 infrastructure.
The problem that we are seeing is that it would seem that access tokens, after they expire, are not being refreshed, even though we are setting the offline_access scope at authorization time. Our access tokens are rather short lived (~1 hour) so it gets rather frustrating to have to authorize the API so often.
At first I thought that the rotating refresh tokens from Auth0 could be troublesome, but even after switching to non-rotating refresh tokens, we still see that our users need to reuthorize the API multiple times a day.
Does Retool consume and use refresh tokens? I’ve found similar questions to this one in the forum (at least one) and apparently there was once a bug that would manifest this way, but it should have been fixed. Is it possible that it is happening again?