diff --git a/package-lock.json b/package-lock.json
index c36489d..0f2de75 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
       "version": "2.1.15",
       "dependencies": {
         "@babel/preset-env": "^7.23.9",
-        "@kinde-oss/kinde-typescript-sdk": "^2.7.1",
+        "@kinde-oss/kinde-typescript-sdk": "^2.8.0",
         "cookie": "^0.5.0",
         "crypto-js": "^4.1.1",
         "jwt-decode": "^3.1.2",
@@ -2615,9 +2615,9 @@
       }
     },
     "node_modules/@kinde-oss/kinde-typescript-sdk": {
-      "version": "2.7.1",
-      "resolved": "https://registry.npmjs.org/@kinde-oss/kinde-typescript-sdk/-/kinde-typescript-sdk-2.7.1.tgz",
-      "integrity": "sha512-YIig6htu7MdlrZ3OJNkgzk1JFxiO29MJPfDZu9o/ohs7b/ZKBTKje4QTYG9tjX4ipE5KDONBFQs4YT8tHZU/UQ==",
+      "version": "2.8.0",
+      "resolved": "https://registry.npmjs.org/@kinde-oss/kinde-typescript-sdk/-/kinde-typescript-sdk-2.8.0.tgz",
+      "integrity": "sha512-LafkGPLVVfunIgnXwmiDDubeOsp+ypcT3mI17ffepaXoBAyjtfxX/bb96f3ThR1VZ4Gsy3LeladduYnyhxPFRg==",
       "dependencies": {
         "jwt-decode": "^4.0.0",
         "uncrypto": "^0.1.3"
diff --git a/package.json b/package.json
index 1a020b2..ada0cf6 100644
--- a/package.json
+++ b/package.json
@@ -57,7 +57,7 @@
   },
   "dependencies": {
     "@babel/preset-env": "^7.23.9",
-    "@kinde-oss/kinde-typescript-sdk": "^2.7.1",
+    "@kinde-oss/kinde-typescript-sdk": "^2.8.0",
     "cookie": "^0.5.0",
     "crypto-js": "^4.1.1",
     "jwt-decode": "^3.1.2",
diff --git a/src/authMiddleware/authMiddleware.js b/src/authMiddleware/authMiddleware.js
index bd71965..af6d305 100644
--- a/src/authMiddleware/authMiddleware.js
+++ b/src/authMiddleware/authMiddleware.js
@@ -36,7 +36,13 @@ const handleMiddleware = async (req, options, onSuccess) => {
 
   const isReturnToCurrentPage = options?.isReturnToCurrentPage;
   const loginPage = options?.loginPage || '/api/auth/login';
-  const publicPaths = ['/_next', '/favicon.ico'];
+
+  let publicPaths = ['/_next', '/favicon.ico'];
+  if (options?.publicPaths !== undefined) {
+    if (Array.isArray(options?.publicPaths)) {
+      publicPaths = options.publicPaths;
+    }
+  }
 
   const loginRedirectUrl = isReturnToCurrentPage
     ? `${loginPage}?post_login_redirect_url=${pathname}`
diff --git a/src/session/index.js b/src/session/index.js
index dff93f9..c5fe488 100644
--- a/src/session/index.js
+++ b/src/session/index.js
@@ -12,6 +12,8 @@ import {getUserOrganizationsFactory} from './getUserOrganizations';
 import {isAuthenticatedFactory} from './isAuthenticated';
 import {getAccessTokenRawFactory} from './getAccessTokenRaw';
 import {getIdTokenRawFactory} from './getIdTokenRaw';
+import {kindeClient} from './kindeServerClient';
+import {sessionManager} from './sessionManager';
 
 /**
  *
@@ -21,6 +23,17 @@ import {getIdTokenRawFactory} from './getIdTokenRaw';
  */
 export default function (req, res) {
   return {
+    refreshTokens: async () => {
+      try {
+        const response = await kindeClient.refreshTokens(
+          sessionManager(req, res)
+        );
+        return response;
+      } catch (error) {
+        console.error('Error refreshing tokens', error);
+        return null;
+      }
+    },
     getAccessToken: getAccessTokenFactory(req, res),
     getBooleanFlag: getBooleanFlagFactory(req, res),
     getFlag: getFlagFactory(req, res),