Refresh an authentication token

POST 
/api/auth/refresh

Validates the current refresh token from the Authorization header and issues a new JWT app token and refresh token pair. The previous refresh token is invalidated. Requires the caller to have the refresh role.

Responses

200

Returns new app token and refresh token.

401

Authentication failed — token is missing, expired, or invalid.

403

The refresh token is invalid or has been revoked.

500

An unexpected server error occurred.