post https://rest.sandbox.karhoo.com/v1/auth/refresh
When the access_token expires, you can call this endpoint passing a refresh_token (obtained previously from /token) as a parameter. This allows you to obtain a new token without providing the username and password each time, and is intended primarily for mobile apps. It is not recommended for other API users, but you may use it at your discretion.