Does this behavior pass the app store audit? since accesstoken and refreshtoken do not be generated, there will be no revoke action.

Per doc https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens. The code is single-use only and valid for five minutes.

Currently, some customers ask us to refund directly due to they got the information from the apple store that the developer refuses to refund. So we think this API consumption info could make the refund have a greater chance of success. It seems we are wrong. We want to know the real usage of this API?

Yes, we got the 202 successful codes from this API. Currently, some customer asks our developer to do a refund for some special reason. We want to make the refund successful as possible as we can through send this consumption info. Am I right? Is there any misunderstanding of this API?