diff --git a/packages/nocodb/src/models/UserRefreshToken.ts b/packages/nocodb/src/models/UserRefreshToken.ts
index 5bd644d6bd..75214aface 100644
--- a/packages/nocodb/src/models/UserRefreshToken.ts
+++ b/packages/nocodb/src/models/UserRefreshToken.ts
@@ -68,11 +68,11 @@ export default class UserRefreshToken {
       null,
       MetaTable.USER_REFRESH_TOKENS,
       {
-        token: oldToken,
+        token: newToken,
         expires_at: dayjs().add(90, 'day').toDate(),
       },
       {
-        token: newToken,
+        token: oldToken,
       },
     );
   }
diff --git a/packages/nocodb/src/services/users/users.service.ts b/packages/nocodb/src/services/users/users.service.ts
index c95fc3e565..4ccfbf14f9 100644
--- a/packages/nocodb/src/services/users/users.service.ts
+++ b/packages/nocodb/src/services/users/users.service.ts
@@ -370,9 +370,9 @@ export class UsersService {
         NcError.badRequest(`Missing refresh token`);
       }
 
-      const user = await User.getByRefreshToken(
-        param.req.cookies.refresh_token,
-      );
+      const oldRefreshToken = param.req.cookies.refresh_token;
+
+      const user = await User.getByRefreshToken(oldRefreshToken);
 
       if (!user) {
         NcError.badRequest(`Invalid refresh token`);
@@ -380,10 +380,7 @@ export class UsersService {
 
       const refreshToken = randomTokenString();
 
-      await UserRefreshToken.insert({
-        token: refreshToken,
-        fk_user_id: user.id,
-      });
+      await UserRefreshToken.updateOldToken(oldRefreshToken, refreshToken);
 
       setTokenCookie(param.res, refreshToken);