How to get Refresh Token in Azure AD B2C

Harjani, Ashish 191 Reputation points

Below is the sample URL to which User signs up : &nonce=defaultNonce & & scope=offline_access openid client id & response_type=code+id_token token & prompt=login

I receive id_token, access_token and code when the user signs in using the above user flow URL. Can I get a refresh token as well?
The alternate option is to get it by calling the REST API and exchanging the auth code received above, but I am trying to see if we can get it when the user signs in.

Azure Active Directory External Identities

Accepted answer
  1. soumi-MSFT 11,651 Reputation points Microsoft Employee

    @Harjani, Ashish, to get an access token, you would need the scope "offline_access" in your request, which I do see is present, but this call is going to the /authorize endpoint of B2C. Since you are using the Authorization Code Grant flow of OAuth, in order to get the refresh token you would have to send a request to the /token endpoint of B2C, with the scope "offline_access".

    Sample Request:

    POST https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token HTTP/1.1
    Content-Type: application/x-www-form-urlencoded

    grant_type=authorization_code&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&scope=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6 offline_access&code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...&redirect_uri=urn:ietf:wg:oauth:2.0:oob

    You can find more details and reference on this here:

    Hope this helps.

    Do let us know if this helps, and if there are any more queries around this, please let us know so that we can help you further. Also, please do not forget to accept the response as Answer if the above response helped in answering your query.

    3 people found this answer helpful.
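
The code exchange described in the accepted answer, as an added Python example (not code from the thread or from Microsoft): it builds the /token request for both the authorization_code and refresh_token grants and checks a constructed response for a refresh_token. The tenant `contoso`, the policy `B2C_1_signupsignin`, the helper names and the sample response are assumptions; nothing is sent over the network.

```python
import json
import urllib.parse
import urllib.request

# Assumed placeholders: tenant and policy names are not from the thread.
TENANT = "contoso"
POLICY = "B2C_1_signupsignin"
CLIENT_ID = "90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6"  # sample id quoted in the answer


def token_endpoint(tenant=TENANT, policy=POLICY):
    """B2C /token endpoint for one user flow (policy)."""
    return (f"https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/"
            f"{policy}/oauth2/v2.0/token")


def build_token_request(grant, redirect_uri, client_secret=None):
    """Build (not send) the POST. grant is {'code': ...} for the first
    exchange or {'refresh_token': ...} for later renewals."""
    grant_types = {"code": "authorization_code", "refresh_token": "refresh_token"}
    if len(grant) != 1 or next(iter(grant)) not in grant_types:
        raise ValueError("grant must hold exactly one of: code, refresh_token")
    form = {"grant_type": grant_types[next(iter(grant))], **grant,
            "client_id": CLIENT_ID,
            "scope": f"{CLIENT_ID} offline_access",  # offline_access asks for a refresh token
            "redirect_uri": redirect_uri}
    if client_secret:  # confidential (server-side) clients only
        form["client_secret"] = client_secret
    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(
        token_endpoint(), data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def parse_token_response(raw):
    """Return (access_token, refresh_token) or raise with the reason."""
    doc = json.loads(raw)
    if "error" in doc:
        raise RuntimeError(f"{doc['error']}: {doc.get('error_description', '')}")
    if "refresh_token" not in doc:
        raise LookupError("no refresh_token; was offline_access in the scope?")
    return doc.get("access_token"), doc["refresh_token"]


# Constructed sample response body (token values are dummies).
SAMPLE_RESPONSE = json.dumps({"token_type": "Bearer", "expires_in": 3600,
                              "access_token": "dummy-access", "refresh_token": "dummy-refresh"})

if __name__ == "__main__":
    req = build_token_request({"code": "AUTH_CODE_FROM_REDIRECT"}, "urn:ietf:wg:oauth:2.0:oob")
    print(req.full_url, req.data.decode())
    print(parse_token_response(SAMPLE_RESPONSE))
```

Run the exchange from the application's back end so the refresh token and any client secret never pass through the browser redirect.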