Generate graph access token wthout browser for online meeting api

Question

So as I read at multiple places, for us to use azure https://graph.microsoft.com/v1.0/me/onlineMeetings api, we would need to use "auth-code grant flow" instead of "client_credentials".

So when using the authorize api i am able to generate the token successfully using the code running in browser
https://login.microsoftonline.com/learningllrts.onmicrosoft.com/oauth2/v2.0/authorize?client_id=f1b12a5e-2d9f-4792-a803-99d85889f5de&scope=openid offline_access OnlineMeetings.ReadWrite&redirect_uri=https://127.0.0.1:8083/&response_type=token&state=12345&response_mode=fragment&prompt=none&nonce=678910&login_hint=sakshi@learningllrts.onmicrosoft.com

Generates something like this
https://127.0.0.1:8083/#access_token=eyJ0eXAiOiJKV1QiLCJub25jZSI6IlFzMDU5eXp6SWFOdlcwNmdKWlZramlQV1lEckJTSHFsNVU1UW9NVk51Z3MiLCJhbGciOiJSUzI1NiIsIng1dCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyIsImtpZCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDAiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9hMWM3NDQ0MS04MGY2LTQyZTYtOTAwNy1hMDliNDBiYmVhMGEvIiwiaWF0IjoxNjExNDMyNjUyLCJuYmYiOjE2MTE0MzI2NTIsImV4cCI6MTYxMTQzNjU1MiwiYWNjdCI6MCwiYWNyIjoiMSIsImFjcnMiOlsidXJuOnVzZXI6cmVnaXN0ZXJzZWN1cml0eWluZm8iLCJ1cm46bWljcm9zb2Z0OnJlcTEiLCJ1cm46bWljcm9zb2Z0OnJlcTIiLCJ1cm46bWljcm9zb2Z0OnJlcTMiLCJjMSIsImMyIiwiYzMiLCJjNCIsImM1IiwiYzYiLCJjNyIsImM4IiwiYzkiLCJjMTAiLCJjMTEiLCJjMTIiLCJjMTMiLCJjMTQiLCJjMTUiLCJjMTYiLCJjMTciLCJjMTgiLCJjMTkiLCJjMjAiLCJjMjEiLCJjMjIiLCJjMjMiLCJjMjQiLCJjMjUiXSwiYWlvIjoiQVVRQXUvOFNBQUFBSWFyYWlVbVArejFFNEhVS2hiWUVHR2ZIRVpSd2xjd3l4L0VjNjM5VGY0bkdMZENrc0hFbk9La0wxcmhmZFZjenVISlEyOUlYZm94U3hpNENiWmRHS2c9PSIsImFtciI6WyJwd2QiLCJtZmEiXSwiYXBwX2Rpc3BsYXluYW1lIjoibGVhcm5pbmciLCJhcHBpZCI6ImYxYjEyYTVlLTJkOWYtNDc5Mi1hODAzLTk5ZDg1ODg5ZjVkZSIsImFwcGlkYWNyIjoiMCIsImZhbWlseV9uYW1lIjoianVuZWphIiwiZ2l2ZW5fbmFtZSI6InNha3NoaSIsImhhc3dpZHMiOiJ0cnVlIiwiaWR0eXAiOiJ1c2VyIiwiaXBhZGRyIjoiMTIyLjE2MS4yOS4xOCIsIm5hbWUiOiJzYWtzaGkganVuZWphIiwib2lkIjoiNzA3NzZhMGYtMzFkMC00NjQwLWEzOWYtNzhjNGMzNTAxNDM1IiwicGxhdGYiOiI1IiwicHVpZCI6IjEwMDMyMDAxMDg0Q0MwRUEiLCJyaCI6IjAuQUFBQVFVVEhvZmFBNWtLUUI2Q2JRTHZxQ2w0cXNmR2ZMWkpIcUFPWjJGaUo5ZDV3QU44LiIsInNjcCI6ImVtYWlsIE9ubGluZU1lZXRpbmdzLlJlYWQgT25saW5lTWVldGluZ3MuUmVhZFdyaXRlIG9wZW5pZCBwcm9maWxlIFVzZXIuUmVhZCIsInNpZ25pbl9zdGF0ZSI6WyJrbXNpIl0sInN1YiI6IjNHeWM1b01jQ2dzdEdZbl9rOGNNMUhPNjB3aHQycnlUUzRqa1lvaWxPWlEiLCJ0ZW5hbnRfcmVnaW9uX3Njb3BlIjoiQVMiLCJ0aWQiOiJhMWM3NDQ0MS04MGY2LTQyZTYtOTAwNy1hMDliNDBiYmVhMGEiLCJ1bmlxdWVfbmFtZSI6InNha3NoaUBsZWFybmluZ2xscnRzLm9ubWljcm9zb2Z0LmNvbSIsInVwbiI6InNha3NoaUBsZWFybmluZ2xscnRzLm9ubWljcm9zb2Z0LmNvbSIsInV0aSI6IlotalcwTXhBcWtLRmlINXp0ZWdyQUEiLCJ2ZXIiOiIxLjAiLCJ4bXNfc3QiOnsic3ViIjoiMEFRUnNsbUx5bGRvd2NIUFp5SUNEazhOTW8tZzlwWnpweW5oSlB3SFJVYyJ9LCJ4bXNfdGNkdCI6MTYwOTY5NzgwNn0.C6dpMRPiOk3UsbZYQ5zPV1ynZG3Jx9rgigKFhvEjNlGQohJc2gSe1AsrDVkH1aznr6aLBOtsZ_y2i0qN8b-WglXnvRz_p1I2eJtRSIX1gwIZcymeeCzlDu_xQEpDfCIfgPAL8a_UQdJRUVtr_dCNtBiG-g4ag2pBQl6zMoQ1PdX7WFU8hjyQ7GXU70oq22qDKICoGvJ_BD3teXsoBQiQmcLqF-2dxDUcpJQ7Y6NbPdpQYZHZlNYHI0nF218JpLZd1AwYxb5mRK0nX0m8JoL8uhtIutI2VE9g0JtyB956TqanChJpVBSRo7_VLsnRGU7s9-V4d_i_ClPPRax3d3Mhyg&token_type=Bearer&expires_in=3599&scope=email+OnlineMeetings.Read+OnlineMeetings.ReadWrite+openid+profile+User.Read&state=12345&session_state=a34ba2ba-3964-4c84-9cc3-047512621508

This works well in my online meeting api
POST /v1.0/me/onlineMeetings HTTP/1.1
Host: graph.microsoft.com
Content-Type: application/json
Content-Length: 145

{
"startDateTime":"2021-12-30T14:30:34.2444915-07:00",
"endDateTime":"2021-12-30T15:00:34.2464912-07:00",
"subject":"User Token Meeting"
}

PROBLEM- Since it will be integrated in the backend java code, how do i generate the auth code without having to open the browser.

Tried by saving the refresh token and then using it again to generated the access token (since this has shorter lifespan), but i read max refresh token expiry is 90 days?
How can I increase that?

Also, is that right approach to hard code this refresh token in my backend java code and generate access token every time.

Answer 1

You may want to get started from here and configurable token lifetime properties.