The REST AppBlock supports OAuth 2.0. Once OAuth is configured, every REST API call will include the access token in the header of the request To utilize a refresh token in the app, the OAuth settings must utilize the ‘Explicit’ OAuth type. ‘Implicit’ does not support refresh tokens. If there is a refresh token provided with the initial OAuth, the MobileSmith app will use this token to receive a new access token. If the refresh token is expired, the user will be presented with a user login screen and the OAuth process will begin again.