If your app is public app or browser based app, they are automatically enabled for OAuth 2.0 Authorization code flow by mandate. Most of our Public Developer Integrations follow this approach of caching the tokens and using them again to refresh the tokens. This would save you the hassle of having your customers to re-login to the application again.

For ex: take a look at our JS SDK we have the capability to

• 
  
• Automatically handles token lifecycle procedures in multi-tab environment

Per which all the SDK does is does a platform.refresh() which does the token refresh so that you would get a new pair of access tokens and refresh tokens. The TTL on these tokens is as below:

Access tokens -> 1 hour

Refresh tokens -> 1 week

For more information, take a look at our API Ref on Refreshing Tokens here:

https://developer.ringcentral.com/api-docs/latest/index.html?_ga=2.173676707.1251766995.1497294076-36679432.1496796033#!/%23AuthorizationFlows.html#RefRefreshTokenFlow

This is how we do it in our JS SDK : https://github.com/ringcentral/ringcentral-js/blob/master/src/platform/Platform.js#L386

Additionally, you could also take a look at our Developer Community Articles here for more information and assist:

https://devcommunity.ringcentral.com/ringcentraldev/topics/how-does-oauth-work-as-far-as-getting-the-token-and-refreshing-of-the-token-in-my-code

https://devcommunity.ringcentral.com/ringcentraldev/topics/generating-access-token-and-refresh-token-and-efficiently-using-them