|
|
|
|
|
|
by upofadown
2779 days ago
|
|
|
If the refresh token is only being used for authentication and expires in a reasonable time for the application then you would not need prior consent so you would not need a banner. You would still have to explicitly disclose what you are doing on some sort of easy to find cookie policy page. Some good discussion here: * http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm |
|
|