Closed superosku closed 7 months ago
Not against adding this, but I am curious about the use-case. Given that omitting the scope is equal to keeping the original scope, the only real reason I see to specify this is to reduce the scope. Is this what you're using it for, or are you talking to a server that requires it no matter what?
Refresh token grant takes an optional parameter
scope
according to the oauth2 specThe client just takes the (refresh) token as a parameter link:
How about adding an optional scope to the client.refreshToken method.
Can be bypassed for now by using the
request('tokenEndpoint', body)
method directly.Also: README.md seems to have the method name incorrectly as refresh instead of refreshToken.
Thanks!