> my POST /auth/refresh code. Is that correct? @User yes. One more thing is that in catch, the library may also throw TOKEN_THEFT_DETECTED error.. in which case there has been an attack on this session - so you may want to revoke that session