Does the CloudFoundry UAA support token refresh for logged in user. I'm currently logged in using the "cf-cli" via the SSO passcode. After a week or so the session expires and I have to log in again. Is it possible to refresh the token in the $HOME/.cf/config.json upon expiry ? As per this https://www.rfc-editor.org/rfc/rfc6749#section-6 , we should be able to refresh the token by passing grant_type=refresh_token&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA options. However, it expects the client_id or client_secret to be present i.e use BASIC Auth. Can we do with a currently logged in user ?
You can refresh an access token, but you cannot refresh a refresh token. When your refresh token expires, you must login again.
The refresh_token from config.json is a JWT token, so you can use a tool like https://jwt.io to view the token and see when it expires. Your refresh token will expire at some point, it just depends on how long your administrator allows it to last. A week sounds pretty standard.