Provided with a refresh_token, this endpoint will return a new access_token and refresh_token. You must use either Grant-Type Password or Grant-Type Code to generate the initial access_token and refresh_token.

access_token - Expires after 3600 seconds. Used in all non-auth endpoints to access account data.

refresh_token - Expires when a new refresh_token is requested using the same credentials or after 30 days. Password or Code grant types are limited to 5 authentication attempts per hour. Using the refresh token workflow avoids unneeded access token requests and prevents your application from reaching this limit.