Wanted to specifically understand the member constraints for refresh_token and access_tokens lengths. Currently I have refresh_tokens max char value set at 2048 characters but looks like refresh_tokens can exceed that length.
Can you provide what the maximum char length this parameter can emit, so I can have member constraints on my end.
So there’s no range or anything that we can expect this token to lie within? I see one user post saying that the refresh token was around 16k chars…
And you expect clients to not have any validations based on the token length?