Which two statements about Webex Teams refresh tokens are true? (Choose two.)
A. The refresh token is useless without the client ID and client secret.
B. An attacker can use the refresh token to send messages on behalf of the user.
C. The refresh token is used to generate a new access token.
D. A new refresh token cannot be granted until the client ID is invalidated.
E. The refresh token does not expire.