How can get 90 day refresh token using Microsoft Graph authentication API

Question

I'm using the MSAL Browser library Login on js client with using acquireTokenSilent or acquireTokenPopup to get access token and refresh token.

The refresh token I'm getting is valid for 1 day as can be seeing on refresh the access token section:

I want to change my login process to get a refresh token that will be valid for 90 days. How is it possible?

My server is .NET Core.

Thanks!

score 1 · Answer 1 · answered Jul 19 '21 at 23:03

1

If you need to retain a refresh token for longer, you'll need to use the Authorization Code grant and store it server-side. The expiration of refresh tokens generated using the Implicit grant is fixed at 24 hours.

answered Jul 19 '21 at 23:03

Marc LaFleur

31,987
4
37
63

Hi, using the code grant flow I see that if I don't revoke the token for 24 hours I'm no longer able to get an access token. What should I do? Thanks! – Dor Fellus Cohen Aug 10 '21 at 06:52

How can get 90 day refresh token using Microsoft Graph authentication API

1 Answers1