Refresh token using a separate auth server?

I’d like to use JWTs for user authorization. My intention is to use an auth server and an app server to keep them separate. This way my auth server will be the only JWT issuing server and the only server w/login and sign up logic.

I’ve recently run into this issue however – how do I refresh a user’s access token if my auth server is separate?

I’d like to use middleware via node.js to check the validity of a JWT, but if it fails, I’d need to contact the auth server, present the user’s refresh token, to get a new access token.

So, what’s the best way to do this? Would I use middleware to issue a remote request to get a new JWT? It seems there’s no other way, so I thought I’d check w/the community.
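
The flow described in the question, as an added example that is not part of the original post: the app server verifies the JWT with the auth server's public key, and only a correctly signed but expired token triggers a refresh request. Assumptions: RS256 signing, an in-process `authServerRefresh` standing in for the remote HTTPS call, and all function names, keys and tokens are hypothetical and constructed for the example.

```javascript
// Added example: constructed keys, tokens and names; not code from the original post.
const crypto = require('node:crypto');

// Auth server side (simulated in-process): sole holder of the private signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

function issueAccessToken(sub, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
  const body = `${b64({ alg: 'RS256', typ: 'JWT' })}.${b64({ sub, exp: now + ttlSeconds })}`;
  return `${body}.${crypto.sign('sha256', Buffer.from(body), privateKey).toString('base64url')}`;
}

// Hypothetical refresh-token store; in a real deployment this sits behind an HTTPS endpoint.
const refreshStore = new Map([['constructed-refresh-token', 'user-1']]);
async function authServerRefresh(refreshToken) {
  const sub = refreshStore.get(refreshToken);
  return sub ? issueAccessToken(sub, 300) : null;
}

// App server side: verifies with the public key only and cannot mint tokens.
function verifyAccessToken(token, now = Math.floor(Date.now() / 1000)) {
  const [h, p, s] = String(token).split('.');
  if (!h || !p || !s) return { status: 'invalid' };
  try {
    // Pin the algorithm instead of trusting whatever the token header claims.
    if (JSON.parse(Buffer.from(h, 'base64url')).alg !== 'RS256') return { status: 'invalid' };
    const ok = crypto.verify('sha256', Buffer.from(`${h}.${p}`), publicKey, Buffer.from(s, 'base64url'));
    if (!ok) return { status: 'invalid' };
    const claims = JSON.parse(Buffer.from(p, 'base64url'));
    if (typeof claims.exp !== 'number') return { status: 'invalid' };
    return { status: claims.exp > now ? 'valid' : 'expired', claims };
  } catch { return { status: 'invalid' }; }
}

// Middleware core: refresh only for a correctly signed but expired token.
async function authenticate(accessToken, refreshToken, refresh = authServerRefresh) {
  let result = verifyAccessToken(accessToken);
  if (result.status === 'valid') return { ok: true, sub: result.claims.sub };
  if (result.status !== 'expired' || !refreshToken) return { ok: false };
  const renewed = await refresh(refreshToken); // the remote request to the auth server
  result = verifyAccessToken(renewed);
  if (result.status !== 'valid') return { ok: false };
  return { ok: true, sub: result.claims.sub, newAccessToken: renewed };
}
```

In an Express-style middleware, `authenticate` would be called with the token from the request, and `newAccessToken` returned to the client when present.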