I think I get the flow of OAuth2 using the Authorization Code grant type. The resource owner logs into a server, then gets redirected to the client with an authorization code. The client then uses the authorization code to query the authorization server for an access token and refresh token. This is where I get confused.
When the access token expires, should the client use the authorization code or refresh token to get a new access token? Why would you want a refresh token if you have an authorization code?
Note I am not looking for an answer saying "The refresh token is optional" because I am writing this server for, amazon-alexa, a service that requires refresh tokens AND the authorization code grant type.