OptionaldefaultOptionalloggerOptionalonFire-and-forget hook for persisting the refreshed token (e.g. to a DB via a queue job).
OptionalrefreshHow far ahead of expiry to trigger a refresh, in ms. Defaults to 5 minutes.
OptionalrequestMost OAuth2 token endpoints (Google, Microsoft, HubSpot, Salesforce, Spotify...) accept application/x-www-form-urlencoded, which is the default. A few (e.g. Atlassian's auth.atlassian.com) require a JSON body instead.
OptionalresponseManual dot-path overrides for non-standard response shapes (e.g. "data.token.accessToken"). Only needed when the built-in auto-detection (snake_case, camelCase, and a 1-level "data"/ "result" envelope) can't find the field — most hand-rolled internal auth endpoints don't need these. When given, the override fully replaces auto-detection for that field (no fallback).
OptionalresponseOptionalresponse
Used only when no expiry field can be found anywhere in the response — many internal auth endpoints don't return a TTL at all. Defaults to 3600 (1 hour).