Share via

User authorization tokens for long-term use

yj 0 Reputation points
2024-07-03T14:40:06.68+00:00

I want to issue tokens with user permissions and utilize these tokens for an extended period.

The flow would likely be as follows:

  1. When a user logs in, the server issues an access_token and a refresh_token.
  2. For each API request, the client includes the access_token in the header.
  3. When the access_token expires, the client uses the refresh_token to request a new access_token from the server.
  4. The server verifies the refresh_token and issues a new access_token and refresh_token.
  5. The client continues API requests with the new access_token in the header.

My question is: Is there a limit to the number of times a refresh_token can be issued? Or are there any other specific constraints? I couldn't find information about limitations on refresh_token issuance in the official documentation. If you have any related answers or links, please let me know!

Would you like me to provide any information or thoughts on this topic?

Microsoft Teams Development
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
3,062 questions