It is access_type=offline
that you want.
This will return the refresh token the first time the user authorises the app. Subsequent calls do not force you to re-approve the app (approval_prompt=force
).
See further detail: https://developers.google.com/accounts/docs/OAuth2WebServer#offline