diff --git a/pkg/client/client.go b/pkg/client/client.go
index 58986bb..ccc3cc0 100644
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@@ -48,16 +48,16 @@ func Discover(issuer string, httpClient *http.Client, wellKnownUrl ...string) (*
 return discoveryConfig, nil
 }
-type tokenEndpointCaller interface {
+type TokenEndpointCaller interface {
 TokenEndpoint() string
 HttpClient() *http.Client
 }
-func CallTokenEndpoint(request interface{}, caller tokenEndpointCaller) (newToken *oauth2.Token, err error) {
+func CallTokenEndpoint(request interface{}, caller TokenEndpointCaller) (newToken *oauth2.Token, err error) {
 return callTokenEndpoint(request, nil, caller)
 }
-func callTokenEndpoint(request interface{}, authFn interface{}, caller tokenEndpointCaller) (newToken *oauth2.Token, err error) {
+func callTokenEndpoint(request interface{}, authFn interface{}, caller TokenEndpointCaller) (newToken *oauth2.Token, err error) {
 req, err := httphelper.FormRequest(caller.TokenEndpoint(), request, Encoder, authFn)
 if err != nil {
 return nil, err
diff --git a/pkg/client/jwt_profile.go b/pkg/client/jwt_profile.go
index 8bb6f4b..a711de9 100644
--- a/pkg/client/jwt_profile.go
+++ b/pkg/client/jwt_profile.go
@@ -9,8 +9,8 @@ import (
 "github.com/zitadel/oidc/pkg/oidc"
 )
-//JWTProfileExchange handles the oauth2 jwt profile exchange
-func JWTProfileExchange(jwtProfileGrantRequest *oidc.JWTProfileGrantRequest, caller tokenEndpointCaller) (*oauth2.Token, error) {
+// JWTProfileExchange handles the oauth2 jwt profile exchange
+func JWTProfileExchange(jwtProfileGrantRequest *oidc.JWTProfileGrantRequest, caller TokenEndpointCaller) (*oauth2.Token, error) {
 return CallTokenEndpoint(jwtProfileGrantRequest, caller)
 }
diff --git a/pkg/client/rp/relying_party.go b/pkg/client/rp/relying_party.go
index 5fbce27..3094f23 100644
--- a/pkg/client/rp/relying_party.go
+++ b/pkg/client/rp/relying_party.go
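Review bot: `TokenEndpointCaller` becomes part of the package's public API in this hunk but has no doc comment, and exporting it also freezes the non-idiomatic method name `HttpClient()` (Go convention is `HTTPClient`) into that API — worth settling before external code depends on the name. Suggest `// TokenEndpointCaller is implemented by clients that can reach an OAuth2 token endpoint: TokenEndpoint returns the URL that CallTokenEndpoint posts the request to and HttpClient returns the *http.Client presumably used for that request.`, and since the posted form carries client credentials, the comment could add that implementers should return a client with a timeout set. `CallTokenEndpoint` is exported as well and is still undocumented. The body of `callTokenEndpoint` continues past the end of the hunk, so how `HttpClient()` is consumed is not visible here.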
@@ -536,3 +536,23 @@ func WithClientAssertionJWT(clientAssertion string) CodeExchangeOpt {
 return client.ClientAssertionCodeOptions(clientAssertion)
 }
 }
+
+type tokenEndpointCaller struct {
+ RelyingParty
+}
+
+func (t tokenEndpointCaller) TokenEndpoint() string {
+ return t.OAuthConfig().Endpoint.TokenURL
+}
+
+func RefreshAccessToken(rp RelyingParty, refreshToken, clientAssertion, clientAssertionType string) (*oauth2.Token, error) {
+ request := oidc.RefreshTokenRequest{
+ RefreshToken: refreshToken,
+ Scopes: rp.OAuthConfig().Scopes,
+ ClientID: rp.OAuthConfig().ClientID,
+ ClientSecret: rp.OAuthConfig().ClientSecret,
+ ClientAssertion: clientAssertion,
+ ClientAssertionType: clientAssertionType,
+ }
+ return client.CallTokenEndpoint(request, tokenEndpointCaller{RelyingParty: rp})
+}
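Review bot: `RefreshAccessToken` is a new exported function with no doc comment; suggest `// RefreshAccessToken sends a refresh_token grant for rp to its token endpoint, using the RP's OAuth config for scopes and client credentials plus the given client assertion.` The request literal calls `rp.OAuthConfig()` three times; hoist it once as `cfg := rp.OAuthConfig()` and read `cfg.Scopes`, `cfg.ClientID`, `cfg.ClientSecret`. The request always carries both `ClientSecret` from the config and the passed `ClientAssertion`; whether an empty one is dropped depends on the encoder's handling of empty fields (not visible here), and token endpoints may reject a request that presents more than one client authentication method, so it is worth confirming only one is emitted. The unexported `tokenEndpointCaller` struct relies on the embedded `RelyingParty` to supply `HttpClient()`; a one-line comment `// tokenEndpointCaller adapts a RelyingParty to client.TokenEndpointCaller.` would make that explicit.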