How to get Refresh Token in Azure AD B2C

Harjani, Ashish 201 Reputation points
2020-04-24T02:05:44.39+00:00

Below is the sample URL at which the user signs up:

https://tenant.b2clogin.com/tenant.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=clientid &nonce=defaultNonce & redirect_uri=https%3A%2F%2Fjwt.ms & scope=offline_access openid https%3A%2F%2Ftenant.onmicrosoft.com%2Fapi%2Fwritescope https%3A%2F%2Ftenant.onmicrosoft.com%2Fapi%2Fuser_impersonation https%3A%2F%2Ftenant.onmicrosoft.com%2Fapi%2Freadscope client id & response_type=code+id_token token & prompt=login

I receive id_token, access_token and code when the user signs in using the above user flow URL. Can I get a refresh token as well?
The alternate option is to get it by calling the REST API and exchanging the auth code received above, but I am trying to see if we can get it when the user signs in.


Accepted answer
  1. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-04-24T06:21:16.593+00:00

    @Harjani, Ashish, to get an access token, you would need the scope "offline_access" in your request, which I do see is present, but this call is going to the /authorize endpoint of B2C. Since you are using the Authorization Code Grant flow of OAuth, in order to get the refresh token you would have to send a request to the /token endpoint of B2C, with the scope "offline_access".

    Sample Request:

    POST https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token HTTP/1.1
    Content-Type: application/x-www-form-urlencoded

    grant_type=authorization_code&client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6&scope=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6 offline_access&code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...&redirect_uri=urn:ietf:wg:oauth:2.0:oob

    You can find more details and reference on this here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/authorization-code-flow

    Hope this helps.

    Do let us know if this helps, and if there are any more queries around this, please let us know so that we can help you further. Also, please do not forget to accept the response as the answer if the above response helped in answering your query.

    3 people found this answer helpful.
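
The /token exchange from the accepted answer, as an added example that is not part of the original thread: it builds the form body for redeeming the authorization code, builds the later refresh-token redemption, and rejects a response that carries no refresh token. The function names are hypothetical, and the `client_secret` parameter and the `refresh_token` grant follow standard OAuth 2.0 rather than anything shown on this page.

```python
import json
import urllib.parse
import urllib.request

# Endpoint shape taken from the sample request in the answer above.
TOKEN_URL = "https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token"


def build_token_request(tenant, policy, client_id, redirect_uri, *,
                        code=None, refresh_token=None, client_secret=None):
    """Return (url, body_bytes) for a code redemption or a refresh-token redemption."""
    if (code is None) == (refresh_token is None):
        raise ValueError("pass exactly one of code or refresh_token")
    form = {
        "client_id": client_id,
        # offline_access is the scope that asks /token for a refresh token.
        "scope": f"{client_id} offline_access",
        "redirect_uri": redirect_uri,
    }
    if code is not None:
        form.update(grant_type="authorization_code", code=code)
    else:
        form.update(grant_type="refresh_token", refresh_token=refresh_token)
    if client_secret is not None:  # assumption: confidential (server-side) client
        form["client_secret"] = client_secret
    url = TOKEN_URL.format(tenant=tenant, policy=policy)
    return url, urllib.parse.urlencode(form).encode("ascii")


def parse_token_response(raw):
    """Extract tokens from the JSON body; fail loudly when no refresh token came back."""
    data = json.loads(raw)
    if "error" in data:
        raise RuntimeError(f"{data['error']}: {data.get('error_description', '')}")
    if "refresh_token" not in data:
        raise RuntimeError("no refresh_token returned; was offline_access in the scope?")
    return {k: data[k] for k in ("access_token", "refresh_token") if k in data}


def redeem(url, body):
    """POST the form to the token endpoint (network call; not exercised offline)."""
    req = urllib.request.Request(
        url, data=body,
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req) as resp:
        return parse_token_response(resp.read())
```

Because the refresh token only ever travels in the `/token` response body, it stays on the back channel and never appears in the browser redirect that carries `code` and `id_token`.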
