Refresh Api Token

Hi there,

We're working with the Sophos Apis and we have created a client id and secret.
We're using this access token to make requests and to manage devices, but the token expires 1hour after creation (as is expected).

The response from this request does include a refresh token but none of the api documentation does not describe how to use it. 
Or what requests params/body is needed.
https://developer.sophos.com/getting-started
https://developer.sophos.com/getting-started-tenant
https://developer.sophos.com/getting-started-organization

The https://id.sophos.com/api/v2/oauth2/token response (from the docs above):

{
  "access_token": "<jwt>",
  "errorCode": "success",
  "expires_in": 3600,
  "message": "OK",
  "refresh_token": "<token>",
  "token_type": "bearer",
  "trackingId": "<uuid>"
}

What is the correct format for using this refresh token? Or have we missed something in the api docs or missed a doc?
Thanks.