0

I'd like to configure at the issuer level a way to see if an authentication token has been renewed that a redirect screen will appear to remind (or enforce) a cool off period, for example if I were playing Age of Empires, Civilization, or Sim City online I would need something like that to save my game (with just one more turn...).

  • Is there any way I can determine when a OIDC session expiration occurs, and/or an OAuth resource token needs renewal, has been renewed?

  • Could a B2C Function app read an AppInsights (or some other log) to offer mental health reminders (or a variety of other things for a better life) in the form of a loading... page? (Like the Apple iOS launch screen guidelines, but created an extension of identity and privacy)

TLDR
  • 1,198
  • 1
  • 12
  • 31

1 Answers1

0

When doing a silent token call, the auth_time claim is updated. So each time you call an API, make a silent token call and compare the auth_time claim with the last stored auth_time claim. If they are different, a token renewal occurred. You can freely call for silent tokens with MSAL, and it’ll only obtain a new token if the one in the cache has expired.

Jas Suri - MSFT
  • 10,605
  • 2
  • 10
  • 20
  • Thank you! I'll look and see if the auth_time is logged and if it's possible to configure B2C to refuse to renew a silent token call until an authenticated HTTP browser flow is initiated. – TLDR Jul 11 '20 at 15:07