I am building a system to connect my system account with Microsoft account to integrate the calendar.
I have successfully created an application in Microsoft Azure AD and connected the application to my system, the user can see a button and login to retrieve an access token with a refresh token.
I am obtaining the Microsoft user access token and refresh token successfully.
Then I used the access token to perform APIs like creating an event, however after a while (a day) maybe, when I try to refresh the token using the following request.
curl --location --request POST 'https://login.microsoftonline.com/common/oauth2/v2.0/token' \
--header 'Origin: http://localhost:4200' \
--header 'Authorization: Bearer EwCIA8l6BAAUAOyDv0l6PcCVu89kmzvqZmkWABkAAZLVtCsFA64WuHVPnZ0mBdBdSplrDHjCPzjCQjgURs1qR0hZolUxxGf6oL/5/Lc3RD/LZavbz8HHd0YvkgTweM5sT2wZQFKnumVUgfnmXfmj/KntCXEcVGinpy4KIzUYF6qTki2jpomovPlvZke8ELTmiz0tlT1/BDKuy8r87QazKq+oRGL8wmL8hv75WVVQR416T6t7kjxIPm0EBfzj2yQUzDAZ6TfM2kmVzMN+y/spMwRxleAp34fNVLWsC/qtBOM4LoHTWCB44sJihNvKkTYUrkXfFRsYJA9iHGKn9AwGrRipPwiTIPJQgyoqnAerGzBhmjJRa1dWuWuqdlaTytADZgAACOnZFItcZcTiWAKmHLLtW/dmMT/llurs50frEaZulc6+jjHEZlxFRLYev8HQJWnd4K6Z2H1jWtFyLCwWGr/eepBml2G8JVTnVWkuljL83GmcDWUG+sifXlYe0DmPL+rVAMFNBA01M5HRq58ktTsHoEOMpfNGCu6knfrYIpEGTyRV4tcHdmDQllQB7W3OdPzOZcQDR8IGY5YHbqLJaytSGlpPRkbIOtUDG83edzL7lfbBpcbJo8zOqWSQvVatsYLSV9yxC5pa+i5TQsoWZg77iaHQS9S49t7iiCjRhoMIFLJo5aWRbTbBRzL2mOkCNJEhRVijZ5RtJHQP+lkKbjMNXbTcNYZHhC6KQG7Lhfo/CNLEAE5iXEzYJ77Ss2lHaLjfpvkBEcTt/HUWPiNhlvs/x8d2NIted0NutEPwGCpdrRmRs1f1Q4XOXI0JeMfOKqBRRQFjGRGH2TcG+C2OSVdrz05lA8G5o/VwJzJhKJ/oovWssO3uyoLQ+CRCy95HwIF9xVNmQkEsNN7GTVlbU9f58bSLNoquCkLtaGGwE4RC4AcycI8ujhYVqucD+fuwD0My3FTs+0el6Tr6r1B3S9kM4oiqOmFTzW4NA29iKp7qt3+F1QjZ6JPspwFhYh8ujabNWP9FjQ1/PkbSiVpy12Iq0O7IqF+S5MP5lqV18bGahpRp0wHZk545WqUYuQe+OME1SNdvKsN8uyEpnzsdUFZVRsa8raD8An3ULn+69MckgdW1hfaR09rxrfOBWs3kMLZoluCGY3+N1AGnC0GirSrOeK24ET6OVClkSwZVs6+4ZE50fUCJAg==' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cookie: fpc=AhDVWlE6NztJuqGq2Z_Q19wCpqKBAQAAAFIattsOAAAA' \
--data-urlencode 'client_id=${client_id}' \
--data-urlencode 'scope=user.read calendars.readwrite offline_access openid profile' \
--data-urlencode 'refresh_token=M.R3_BL2.-CXO560cLzT3Rn8kSV5OvQcrydtlANQM4*XE0zRu1J966VFGv99Yys3vNTX2SF0WRvyZ*wrDZZexsr!rJdwT3aDb!p2YEPjSPq7ADCcU8leRs95s26bPTi0YN1YjanCeJ!K0NDFGaGPg9zftnu5DcuByoQqzVCwgI9x6FY1SjtOi3HjD2YzYhtyCqcWteQmGhdSUSO*PJnVW7s2CfVNQeaYfnsXI3iA35kHtTXbdb0bOHvr5!KOH2H0BhHlrsqdO5cNCsRmF7CDBRbmh9VvsXa3DZ5wK*cd2A2v04kdme2Wmn0IcT!JZljm06ydOaSa58c1JSUAW8HTv8Ejyn5sO0j9xCSzwrBpZ!CtgLuQmnNtlGj1dvtbdqSHvmbYGpuvxj0taFnt2qDZEWp47withOFpo$' \
--data-urlencode 'grant_type=refresh_token'
The request is working at first, but then it starts giving this error
And I have a daily Cron job to refresh the token.
{ error: 'invalid_grant', error_description: 'AADSTS70000: The user could not be authenticated as the grant is expired. The user must sign in again.\r\n' + 'Trace ID: 9ceeb2fa-43c9-4cc1-963a-4d06afd74101\r\n' + 'Correlation ID: 06e19037-67a1-47b8-9473-b41e2c4b0168\r\n' + 'Timestamp: 2023-03-29 09:05:30Z', error_codes: [ 70000 ], timestamp: '2023-03-29 09:05:30Z', trace_id: '9ceeb2fa-43c9-4cc1-963a-4d06afd74101', correlation_id: '06e19037-67a1-47b8-9473-b41e2c4b0168', error_uri: 'https://login.microsoftonline.com/error?code=70000' }
Am I missing something, is there a lifetime that I don't know about?
Is it just the user logging out?