The purpose of that is to:
- Let the frontend know about changes in refresh token without actually having access to the refresh token. This is used to synchornise parallel calls to the refresh API.
- Let the backend know that a session exists even if the access token has expired, and without sending the actual refresh token to all APIs.