In the case of ST Schema, the refresh token expires until the user deletes the integration from SmartThings, this means when he deletes all the devices that belong to that integration or when he goes to menu > Linked services and deletes it from there.
There’s another case where it can expire but it shouldn’t happen: when the user needs to log in again, this is only if you close the session in your Cloud but it can cause the devices to become offline as well so, it is not recommended.
You can verify the refresh_token doesn’t change when you get a new Access Token, the refresh_token value provided in the response should be the same every time.
Correct, it is static since the grantCallbackAccess/accessTokenRequest interaction is triggered. The team mentioned these other scenarios:
The flow can be re-triggered either by the user when ST loses the AccessToken to the third-party cloud (yours). In this case, they would need to login again.
You can also send the requestGrantCallbackAccess parameter in the discoveryResponse with a value of true. However, this is not suggested unless you can’t refresh the callbackAccessToken using the existing refreshToken.