When a user authenticates and grants permission, they receive both an access token and a refresh token. The access token is used for API calls until it expires. Once expired, the refresh token can be used to request a new access token. This process is usually handled automatically by your email marketing platform or custom-built application, ensuring minimal disruption to your campaigns.