Could someone explain why our multi-tenant AppFoundry integration receives a 403 Forbidden error during token refresh? The initial authorization code grant succeeds across all tenant contexts without issue.
The failure occurs specifically when calling POST /oauth/token with the refresh grant type. This happens consistently for tenants provisioned after the initial deployment phase.
We are using the standard OAuth 2.0 flow with PKCE enabled. The error persists even after verifying client credentials and scope permissions for the affected organizations.