diff --git a/assets/js/playing.js b/assets/js/playing.js
index 64407d7..ce9221c 100644
--- a/assets/js/playing.js
+++ b/assets/js/playing.js
@@ -10,13 +10,15 @@ let refreshTime = readCookie('refreshTime');
 let spotifyApi;
 async function fetchAccessToken() {
- let targetUrl = 'token.php?action=refresh&response=data';
-
- if (!cookieHasRefreshToken && refreshTokenParam) {
- targetUrl += `&refreshToken=${refreshTokenParam}`;
- } else if (!cookieHasRefreshToken) {
+ if (!cookieHasRefreshToken && !refreshTokenParam) {
 // Redirect to login page
 window.location.replace('login.php');
+ return;
+ }
+
+ let targetUrl = 'token.php?action=refresh&response=data';
+ if (refreshTokenParam) {
+ targetUrl += `&refreshToken=${refreshTokenParam}`;
 }
 const response = await fetch(targetUrl);
@@ -32,7 +34,9 @@ document.addEventListener('alpine:init', x => {
 init() {
 spotifyApi = new SpotifyWebApi();
- if (cookieHasRefreshToken) {
+ // Don't reuse access token if refreshToken param is passed
+ // so that we force refreshing with a new token on load
+ if (cookieHasRefreshToken && !refreshTokenParam) {
 spotifyApi.setAccessToken(readCookie('accessToken'));
 this.poolingLoop();
diff --git a/readme.md b/readme.md
index fecfcb7..3f097bf 100644
--- a/readme.md
+++ b/readme.md
@@ -31,6 +31,7 @@ v2.0.X
 - Fix Safari hardware acceleration
 - No full page reload for reauthentication
 - Mini player usage and generation
+- Allow usage of temporary refresh tokens
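Review bot: The refresh token is interpolated into the query string without encoding at ``targetUrl += `&refreshToken=${refreshTokenParam}`;`` in fetchAccessToken, so a value containing `&`, `#` or `+` would be truncated or would add further parameters to the token.php request. Where `refreshTokenParam` comes from is not visible in this hunk; if it is read from the page URL, it is caller-controlled and should be written as ``targetUrl += `&refreshToken=${encodeURIComponent(refreshTokenParam)}`;`` or built with `URLSearchParams`. Because this is a long-lived credential, sending it in a GET URL also leaves it in server and proxy access logs, so a POST body would be the safer transport. The function body continues past the end of the hunk.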
 v1.6.X
diff --git a/token.php b/token.php
index b9136d9..15c1c9c 100644
--- a/token.php
+++ b/token.php
@@ -11,26 +11,34 @@ $REDIRECT_URI = $_ENV['REDIRECT_URI'],
 );
-$refreshToken = $_COOKIE['refreshToken'] ?? $_GET['refreshToken'] ?? null;
+// Use the passed GET refreshToken parameter first
+// in case this is used as a not logged in miniplayer
+$refreshToken = $_GET['refreshToken'] ?? $_COOKIE['refreshToken'] ?? null;
 if (!isset($_GET['action'])) {
 $session->requestAccessToken($_GET['code']);
 $accessToken = $session->getAccessToken();
- setcookie('accessToken', $accessToken, time() + 3600);
- setcookie('refreshTime', time() + 3600, time() + (3600 * 365));
 $refreshToken = $session->getRefreshToken();
 $refreshTime = time() + 3600;
+
+ setcookie('accessToken', $accessToken, time() + 3600);
+ setcookie('refreshTime', time() + 3600, time() + (3600 * 365));
 setcookie('refreshToken', $refreshToken, time() + (3600 * 365));
 } elseif ($_GET['action'] == "refresh") {
 $session->refreshAccessToken($refreshToken);
 $accessToken = $session->getAccessToken();
- setcookie('accessToken', $accessToken, time() + 3600);
- setcookie('refreshTime', time() + 3600, time() + (3600 * 365));
 $refreshToken = $session->getRefreshToken();
 $refreshTime = time() + 3600;
- setcookie('refreshToken', $refreshToken, time() + (3600 * 365));
+
+ if (!$_GET['refreshToken']) {
+ // No need to set cookies if a refresh token is passed via a GET parameter
+ // We only want to get the necessary tokens and data from a fetch() call
+ setcookie('accessToken', $accessToken, time() + 3600);
+ setcookie('refreshTime', time() + 3600, time() + (3600 * 365));
+ setcookie('refreshToken', $refreshToken, time() + (3600 * 365));
+ }
 }
 if (isset($_GET['response']) && $_GET['response'] == "data") {
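Review bot: The new guard `if (!$_GET['refreshToken'])` in the refresh branch reads an array key that is absent on the ordinary cookie-based refresh, which raises an undefined-key notice or warning depending on the PHP version; `if (empty($_GET['refreshToken'])) {` keeps the same truthiness without it. The GET parameter now also takes precedence over the cookie, so a long-lived refresh token travels in the request URL, where it typically ends up in web-server and proxy access logs. Accepting it from a POST body would avoid that, with a matching change to the `fetch()` call in playing.js. The `setcookie()` calls moved in this hunk still pass no `secure` or `samesite` options, which is worth adding while these lines are being touched.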