diff --git a/Cargo.lock b/Cargo.lock
index 3fec596..eea6929 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -739,6 +739,7 @@ dependencies = [
  "serde",
  "serde_json",
  "shlex",
+ "webbrowser",
 ]
 
 [[package]]
@@ -764,6 +765,37 @@ dependencies = [
  "windows-sys 0.61.2",
 ]
 
+[[package]]
+name = "ndk-context"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "27b02d87554356db9e9a873add8782d4ea6e3e58ea071a9adb9a2e8ddb884a8b"
+
+[[package]]
+name = "objc2"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3a12a8ed07aefc768292f076dc3ac8c48f3781c8f2d5851dd3d98950e8c5a89f"
+dependencies = [
+ "objc2-encode",
+]
+
+[[package]]
+name = "objc2-encode"
+version = "4.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ef25abbcd74fb2609453eb695bd2f860d389e457f67dc17cafc8b8cbc89d0c33"
+
+[[package]]
+name = "objc2-foundation"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3e0adef53c21f888deb4fa59fc59f7eb17404926ee8a6f59f5df0fd7f9f3272"
+dependencies = [
+ "bitflags",
+ "objc2",
+]
+
 [[package]]
 name = "once_cell"
 version = "1.21.3"
@@ -1591,6 +1623,22 @@ dependencies = [
  "wasm-bindgen",
 ]
 
+[[package]]
+name = "webbrowser"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3f00bb839c1cf1e3036066614cbdcd035ecf215206691ea646aa3c60a24f68f2"
+dependencies = [
+ "core-foundation 0.10.1",
+ "jni",
+ "log",
+ "ndk-context",
+ "objc2",
+ "objc2-foundation",
+ "url",
+ "web-sys",
+]
+
 [[package]]
 name = "webpki-root-certs"
 version = "1.0.6"
diff --git a/Cargo.toml b/Cargo.toml
index f78f731..a7b82de 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,3 +11,4 @@ reqwest = { version = "0.13.2", features = ["blocking", "form"] }
 serde = { version = "1.0.228", features = ["derive"] }
 serde_json = "1.0.149"
 shlex = "1.3.0"
+webbrowser = "1.1.0"
diff --git a/src/app.rs b/src/app.rs
index 908256a..51b2091 100644
--- a/src/app.rs
+++ b/src/app.rs
@@ -132,6 +132,8 @@ impl App {
 
         println!("Device Grant: {:?}", device_grant);
 
+        webbrowser::open(&device_grant.verification_uri_complete).unwrap();
+
         let start = Instant::now();
         let expiry = Duration::from_secs(device_grant.expires_in);
         let interval = Duration::from_secs(device_grant.interval);
@@ -174,7 +176,50 @@ impl App {
         }
     }
 
-    pub fn show_oath_links(&self) {
+    pub fn refresh_auth(&mut self) {
+        let auth_metadata = self
+            .auth_metadata
+            .as_ref()
+            .expect("Can't refresh without auth");
+
+        let client_registration = self
+            .client_registration
+            .as_ref()
+            .expect("Can't refresh without registration..");
+
+        let auth_token = self
+            .auth_token
+            .as_ref()
+            .expect("Can't refresh without auth");
+
+        let client = reqwest::blocking::Client::new();
+
+        let req = client
+            .post(&auth_metadata.token_endpoint)
+            .header("Content-Type", "application/x-www-form-urlencoded")
+            .header("Accept", "application/json")
+            .form(&[
+                ("client_id", client_registration.client_id.as_str()),
+                ("refresh_token", auth_token.refresh_token.as_str()),
+                ("grant_type", "refresh_token"),
+            ]);
+
+        let res = req.send().unwrap();
+        let status = res.status();
+        let res_text = res.text().unwrap();
+
+        if status != StatusCode::OK {
+            panic!("Error refreshing token");
+        }
+
+        let token = serde_json::from_str::<AuthorizationToken>(&res_text)
+            .expect("Couldn't decode auth token");
+        println!("{:?}", token);
+        println!("Authorized!");
+        self.auth_token = Some(token);
+    }
+
+    pub fn show_oauth_links(&self) {
         let auth_token = self
             .auth_token
             .as_ref()
@@ -194,11 +239,12 @@ impl App {
             .header("Content-Type", "application/json")
             .body(include_str!("../oauthlinks.json"));
 
-        println!("Req {:?}", req);
+        // println!("Req {:?}", req);
 
         let res = req.send().unwrap();
 
-        println!("{}", res.text().unwrap());
+        let json = prettify_json_str(res.text().unwrap().as_str()).unwrap();
+        println!("{}", json);
     }
 }
 
diff --git a/src/main.rs b/src/main.rs
index 6b34190..212f011 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -65,7 +65,8 @@ fn main() {
             Commands::GetAuthMetadata => app.get_auth_metadata(),
             Commands::RegisterClient => app.register_client(),
             Commands::AuthorizeDevice => app.authorize_device(),
-            Commands::ShowOauthLinks => app.show_oath_links(),
+            Commands::RefreshAuth => app.refresh_auth(),
+            Commands::ShowOauthLinks => app.show_oauth_links(),
         }
     }
     //
@@ -153,5 +154,6 @@ enum Commands {
     GetAuthMetadata,
     RegisterClient,
     AuthorizeDevice,
+    RefreshAuth,
     ShowOauthLinks,
 }