ESI token question

You mean you’re looking for a description of the process? if so then read here:

https://developers.eveonline.com/blog/article/sso-to-authenticated-calls

In short, once you have a user’s refresh token can you always refresh the authorization. You should however not try to work around the SSO prompt, but have users use it at least once so they know they’re signing on via CCP.

Once you have the first code can you use refresh tokens to get new access tokens. You should then make sure not to mix tokens among users, but keep them safe and secure.