Hi @Ravi P
Thank you for posting this in Microsoft Q&A.I understand that you want to get access token along with refresh token.
No, you don't need any separate API to get the refresh_token. The default lifetime of an access token is variable. When issued, the Microsoft identity platform assigns a random value ranging between 60-90 minutes (75 minutes on average) as the default lifetime of an access token.
To get refresh token along with access token you need to pass offline_access scope in the request.
Follow the below steps to get access token and refresh token.
1.Register an enterprise application in Microsoft Entra admin center.
2.Add offline_access scope to the application. Go to your application - select API permissions - Add a permission - Microsoft API -Microsoft Graph API - Delegated permissions - Select offline_access -Click on add permission. Grant admin consent to the scopes.
3.Request an authorization code.
https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id= Application_id
&response_type=code
&redirect_uri= https://login.microsoftonline.com/common/oauth2/nativeclient
&response_mode=query
&scope=user.read offline_access
Once the user authenticates and grants consent, the Microsoft identity platform returns an authorization code.
4.Use Postman to request an access token and a refresh token with below values.
Replace your application tenant, ClientID, code (which you got in previous step),redirect_uri
You will receive an access token and a refresh token as shown in the image below.
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.