That's okay, you can use an admin account to access emails for all employees, but admin account needs to be granted delegated permissions by all employees, this seems like a lot of work.
The link can be found on how to grant delegated permissions to an admin account for an employee account:
Access the delegated folder via the Graph API for more details:
https://learn.microsoft.com/en-us/graph/outlook-share-messages-folders
For refresh tokens, the maximum validity period is 90 days, and we can't set token lifetime policies for refresh tokens.
Finally, for the question that you need to access all your employees' mailboxes, I recommend using the client credentials flow, which doesn't require the other users to sign in or grant the appropriate delegated permissions, we just need to grant the app application permission (mail.read) to get all the users' mailboxes.
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.