thanks @joshua,

1361 seems about client secret rotation, not refresh tokens.

But the implications seem the same to me: if you rotate - whatever you rotate - you have the problem above and the need of a grace period.

I think my question is answered anyway, will look forward to adopt refresh token rotation when it's safer to do that in the face of clients that use parallel requests.

cheers
f