Firebase: When should I use refreshToken?

Question

According to Firebase documentation, a refresh token is only for advanced scenarios that require explicitly refreshing tokens.

In which cases should I use that token, and what are the advantages of using it?

private afAuth: AngularFireAuth

this.afAuth.auth.currentUser.getIdToken()
.then(idToken => // Gives me a different token from key name called pa);

Also, I'm not sure the difference between refreshToken and the returned token from getIdToken(). Currently, I'm using the latter for HTTP requests.

Note: getIdToken returns a JWT token used to identify the user to a Firebase service.

Answer 1

Refreshtoken:

A refresh token for the user account. Use only for advanced scenarios that require explicitly refreshing tokens.

GetIdToken:

Returns a JWT token used to identify the user to a Firebase service. Returns the current token if it has not expired, otherwise this will refresh the token and return a new one.

The refreshtoken is used in the following situations:

The current user's access token is refreshed. This case can happen in the following conditions:

1. The access token expires: this is a common situation. The refresh token is used to get a new valid set of tokens.

2. The user changes their password: Firebase issues new access and refresh tokens and renders the old tokens expired. This automatically expires the user's token and/or signs out the user on every device, for security reasons.

3. The user re-authenticates: some actions require that the user's credentials are recently issued; such actions include deleting an account, setting a primary email address, and changing a password. Instead of signing out the user and then signing in the user again, get new credentials from the user, and pass the new credentials to the reauthenticate method of the User object.

more info here: https://firebase.google.com/docs/auth/users