thanks I changed it > if you do, you will need to set the

sessionExpiredStatusCode

to

401

on the frontedn @User this would interfer with my logout process on the frontend. a refresh should not return 401 to the frontend as this could trigger a logout in an actual application.