...
In case of an error condition, e.g. if the refresh token is no longer valid, the response will follow the same structure as for other token endpoint errors. The client should discard the refresh token and obtain a new access token using the server-side flow.
Access
...
and refresh
...
tokens configuration
Keycloak provides a possibility to configure different lifespan of access token and refresh token. This is all done on the Tokens tab in the Keyclock. Expiration time can be configured for:
...