OAuth2 with grant type "client_credentials" is a perfect example of where this is necessary. When the endpoint is not quite OAuth2, but you still need to get an access token and refresh it. Here is an element where this is implemented: Achievers (4).json.
First you need to configure the initial token exchange. This is done by creating a resource with type: "PROVISION AUTH VALIDATION". Do not use ON PROVISION, as it will not set the "authentication.time" property.
Configure parameters to save the expires_in and access_token that get returned from this call:
Next create a new resource with type "ON REFRESH". In this example, the call to refresh the token is the same as the call to get the token the first time, so this resource will by identical to the first one.
How does it work?
In this example, you need the two API calls. One that PROVISION AUTH VALIDATION, and another for ON REFRESH. Beyond that it is all about the configuration properties:
You need to have "authentication.time" (this should get added for you) and "expires_in". Make sure these are spelled exactly like my example!
When you provision it will set the authentication.time through the PROVISION AUTH VALIDATION resource. Then the "expires_in" will be set by the response of that call.
The next time a call is made our system with check if ("expires_in" + authentication.time > now). if it is, it will call ON REFRESH, which will restart the process.