following some of your suggestions I designed an application composed of a:
1- frontend web application
2- backend REST API
The frontend has a servlet-proxy to the backend REST API to avoid cross domain problems.
The backend has a bearer-only configuration.
Everything is working until the token does not expire, I tried to force refresh when I recieve 401 status but it does not work.
What is supposed to be done every time the access tokes expires?