I'm trying to create an app that works on online access tokens. As per the docs, when the user clicks the "Install" button, an authorization_code is sent to the redirect_uri, using which access_token can be generated via endpoint /admin/oauth/access_token. This all happens during App installation. Now online access tokens expires as soon as the web session expires(or beyond a certain expiry time). How to re-generate the tokens i.e. if in future same/different user uses the app, what's the endpoint to generate the online access tokens????
What's the validity of the authorization_code?
Also, can I use same refresh_token to re-generate fresh access_token?