--- a/mod_http_oauth2/mod_http_oauth2.lua	Thu May 11 21:43:23 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Fri May 12 11:11:38 2023 +0200
@@ -216,12 +216,9 @@
 	else
 		-- Grant exists, reuse existing refresh token
 		refresh_token = refresh_token_info.token;
-		refresh_token_info.token = nil; -- Prevent persistence of *secret* token
-
-		refresh_token_info.grant = nil; -- Prevent reference loop
 	end
 
-	local access_token, access_token_info = tokens.create_token(token_jid, grant, role, default_access_ttl, "oauth2");
+	local access_token, access_token_info = tokens.create_token(token_jid, grant.id, role, default_access_ttl, "oauth2");
 
 	local expires_at = access_token_info.expires;
 	return {