There are two “worlds”, OAuth, and API only.

API world (JSON in body, proprietary to FusionAuth):

Application > Security > Login API Settings > Generate Refresh Tokens (Generate a a refresh token when using the Login API) Application > Security > Login API Settings > Enable JWT refresh (Allow a JWT to be refreshed using the /api/jwt/refresh API)

OAuth world (form params, in body and in request, standardized):

Application > OAuth > Generate Refresh Tokens (Generate a refresh token if offline_access scope was requested) Application > OAuth > Enabled Grants > Refresh Token (Allow a JWT to be refreshed using an refresh token) (edited)

If you are living in the OAuth world, then you can disable the API access, and just use the OAuth configuration. And vice versa.

It looks like the uuid isn't being sent as a string. Per https://fusionauth.io/docs/v1/tech/reference/data-types#uuids it should be quoted.

So you want to send:

{ "applicationId": "15e45e7d-3e34-43df-9366-91c66a8cc9ae", "loginId": "myuserid", "password": "mypassword" }

My guess is you are missing the applicationId on the login API request.

A refresh token is per user per application, so passing that is required to provide refresh tokens (even though it is optional for the call to succeed).