HashiCorp Vault adds background refresh for mcp_oauth credentials

AI Impact Summary

HashiCorp Vault now supports automatic background refresh of credentials issued via mcp_oauth. This enables automatic renewal of mcp_oauth credentials without client-side refresh calls, reducing the risk of service disruption from expired tokens. Operators should monitor lease TTLs and renewal status and consider aligning mcp_oauth role TTL/max_renewals with rotation policy; no code changes are typically required for apps relying on Vault-issued credentials.