I am working with Cloudfoundry UAA
I am not sure if it is possible in standard oauth2. The situation is ->
- User logs into the app
- He receives an access_token and refresh_token
- He can keep on acquiring new access_tokens which has original scopes
- His access permission changes so new scopes are added for him
Now I need a new access token, without him to log in again. Is it possible that I can use the same refresh_token and ask for access_token with modified scopes?
Thanks in advance!