How can I set expire time to never in MSAL.js to access Microsoft Graph API?

Sagar Chamling 1 Reputation point
2022-11-01T19:12:02.827+00:00

I registered for my SPA app (React) in the App registration of Azure Active Directory portal, using the client_id I was able to communicate and access the resource using Microsoft Graph API after authentication (MSAL.js).

But I've to authenticate the user every time as the token expired which is shared among all Microsoft logged-in services.
From a user point of view, the user doesn't want to authenticate to the account once the user permits the consent. Where can I find the exact resource or can you guide me to securely implement this method? Right now, the refresh token expires and the user has to authenticate again.

I've seen the exact implementation in Hubspot CRM (https://www.hubspot.com/products/crm) which allows users to connect to Outlook 365 and it doesn't have to be authenticated once the registered app is connected with Hubspot.

Microsoft Security | Microsoft Graph
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Mehtab Siddique (MINDTREE LIMITED) 971 Reputation points
    2022-11-08T08:05:17.563+00:00

    For Configure token lifetime policies:https://learn.microsoft.com/en-us/azure/active-directory/develop/configure-token-lifetimes

    258175-image.png

    Following is the license requirement: https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes#license-requirements

    ----------

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.