Issues with Implementing Lifetime Refresh Token in Azure AD for a Production Application

Parth Rupapara 0 Reputation points
2025-03-19T05:45:46.7066667+00:00

Over the past few days, I have been trying to implement logic for generating a lifetime refresh token in Azure AD. I have explored various approaches, including moving the application from SPA to a web application and updating redirect URLs, but I am still facing the same issue.

My application is already in production mode, and the app registration is approved. Despite these efforts, I have not been able to achieve the desired token behavior.

Can anyone help me with this issue?

Microsoft Entra ID

1 answer

  1. Akhilesh Vallamkonda 13,850 Reputation points Microsoft External Staff
    2025-03-24T18:53:03.64+00:00

    Hi @Parth Rupapara

    Thank you for posting your query in Microsoft Q&A Forum!

    Entra ID refresh tokens have a default lifetime of 24 hours for single-page applications (SPAs) and 90 days for other scenarios.
    There is no option to configure the lifetime of a refresh token or to reduce or lengthen its lifetime in Microsoft Entra ID. Limiting the refresh token lifetime reduces the risk of a compromised token being used maliciously and avoids vulnerability to security threats.

    For more information, please read the relevant document: Refresh tokens in the Microsoft identity platform

    Hope this helps. Do let us know if you have any further queries by responding in the comments section.


    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
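
One way an application can work with the fixed lifetimes described in the answer, as an added example that is not part of the original thread or Microsoft's code: refresh silently while the refresh token is still redeemable, keep the newest refresh token a reply carries, and fall back to interactive sign-in when the token endpoint answers `invalid_grant`. `TokenSession`, `post_token_request` and `fake_token_endpoint` are hypothetical names, and the fake endpoint and its token values are constructed so the block runs offline.

```python
import time

# Default refresh-token lifetimes stated in the answer above (seconds).
SPA_RT_LIFETIME = 24 * 3600
DEFAULT_RT_LIFETIME = 90 * 24 * 3600

class InteractiveSignInRequired(Exception):
    """The refresh token can no longer be redeemed; the user must sign in again."""

class TokenSession:
    """Caches tokens and redeems the refresh token when the access token nears expiry."""

    def __init__(self, tokens, post_token_request, client_id, scope, now=time.time):
        self.tokens = dict(tokens)        # access_token, refresh_token, expires_at
        self.post = post_token_request    # hypothetical transport: form dict -> JSON dict
        self.client_id, self.scope, self.now = client_id, scope, now

    def access_token(self, skew=300):
        if self.tokens is None:
            raise InteractiveSignInRequired("no usable tokens cached")
        if self.tokens["expires_at"] - skew > self.now():
            return self.tokens["access_token"]
        reply = self.post({"grant_type": "refresh_token", "client_id": self.client_id,
                           "refresh_token": self.tokens["refresh_token"], "scope": self.scope})
        if reply.get("error") == "invalid_grant":
            self.tokens = None            # drop the dead token instead of retrying it
            raise InteractiveSignInRequired(reply.get("error_description", ""))
        if "error" in reply:
            raise RuntimeError("token request failed: " + reply["error"])
        self.tokens = {"access_token": reply["access_token"],
                       # keep the newest refresh token if the reply carries one
                       "refresh_token": reply.get("refresh_token", self.tokens["refresh_token"]),
                       "expires_at": self.now() + reply["expires_in"]}
        return self.tokens["access_token"]

def fake_token_endpoint(clock, signed_in_at, rt_lifetime):
    """Constructed stand-in for the token endpoint, for offline runs only.
    Simplification: the refresh-token lifetime is counted from sign-in."""
    state = {"n": 0}
    def post(form):
        if clock() >= signed_in_at + rt_lifetime:
            return {"error": "invalid_grant", "error_description": "expired (constructed)"}
        state["n"] += 1
        return {"access_token": "at-%d" % state["n"],
                "refresh_token": "rt-%d" % state["n"], "expires_in": 3600}
    return post
```

Catching `InteractiveSignInRequired` at the request boundary and redirecting the user to sign in is the supported substitute for a "lifetime" refresh token.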

