which should then manually refresh the session and reload the page -> this time the new access token will be sent and your backend SSR will succeed.