Refresh access token
Uses httpOnly refresh token cookie and X-CSRF-Token. Returns new access token and rotates refresh cookie.
Headers
X-CSRF-Token
CSRF token from GET /auth/csrf
Response
data: { accessToken }
Errors
401
Unauthorized Error
403
Forbidden Error
