RFC: https://github.com/strapi/rfcs/issues/9

There are many cases where you don't want to login again because a JWT has an expiration date. Here comes the refresh token pattern that allows the client asking a new token without the need to login again.

More details https://github.com/strapi/strapi/issues/1676