I am trying to acquire token by aquiretokensilent after login and then have to do authorization in multiple modules.As documentation of MSAL-browser acquiretokensilent will automatically take care of refresh token.In network tab also i am able to see refresh token.But how to use it, does it automatically replace access token or do i need to do something extra and how i can see that refresh token in the console converting to access token after expiry of access token.I have read lot of documents but not got clearity how to use it.
Asked
Active
Viewed 6,860 times
-1
user3420561
- 188
- 1
- 2
- 20
-
Refresh token is used to refresh access token, you can see [this doc](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#refresh-the-access-token), it won't refresh the access token automatically. You can decode the access token and check if the access token is expired and choose to refresh the access token. Using refresh token to generate a new access token can void user operation, that means you can made the access token never expired silently. – Tiny Wang May 13 '21 at 09:28
-
In other words, users signed in and generate an access token and refresh token, you can use the access token to call some api. When the token expired, you can use refresh token and call the request to generate a new access token so that you don't need to made your user signed in again. – Tiny Wang May 13 '21 at 09:32
-
thanks for your response, i want to know as per documentation aquiretokensilent will do refresh automatically in msal browser thats correct? and should i call this aquiretokensilent before api call? if yes then how i can test that after one our the token is being renewed? – user3420561 May 13 '21 at 14:02
-
Have you written some code? Emm, I think you may post some of your code so that we can know it better. Thanks a lot. – Tiny Wang May 13 '21 at 16:02
-
How's going? Has your issue got resolved? If my post is helpful, pls kindly accept it as an answer, so that it will help others. – Stanley Gong May 18 '21 at 01:27
1 Answers
1
A refresh token is used for renewing an access token or request access tokens with other scopes.
This official doc indicated that how a refresh token renews/requests a new access token and a new refresh token at the base layer.
And yes, you should call aquiretokensilent before API call, if the access token exists and it is not expired, this function will reply the access token to you from local cache directly, if not, it will request a new access token by refresh token from Azure AD.
For details, see this doc.
Stanley Gong
- 11,522
- 1
- 8
- 16
-
thanks for answering and i have one more doubt can you please tell me when i am logging out by using loginredirect and its logging me out but after that it moves me to select username (my microsoft username) and it will login me but the thing is i am not able to get account object in this flow , due to which aquiretokensilent is not implementing and i am not able to supply token and not able to see different menus which appears when token is supplied. but when i refresh that page automatically account object appears and its working fine. – user3420561 May 19 '21 at 17:25
-
@user3420561, Microsoft official recommanded close your browser after you log out of an account. So you should close the browser first and login again – Stanley Gong May 20 '21 at 01:01
-
@StanleyGong Just curious to know if same flow does exist for MSAL Android lib also? – deen Mar 01 '22 at 16:17