Refresh Token API Documentation is Incorrect/Outdated

[Gambloide]

Brief description https://dev.twitch.tv/docs/authentication/refresh-tokens/ documents the client_secret attribute as required which is not correct anymore. It is only required for confidential client types, not for public ones. Public clients using the recently introduced Device Code Grant Flow do not have a client_secret and do not need to provide it.

My tests confirm this, as I was able to exchange a refresh token of a public client for a new access token without including a client_secret attribute in the body of the request.