Graph API - How to get and use a refresh token in my case

Relephant 46 Reputation points
2021-11-19T05:17:56.367+00:00

I would like to allow users of my application to create online meetings from my application using the create onlineMeeting Microsoft Graph API call.
The users do not log in to their Microsoft accounts, but my application gets the access token and creates the meeting on their behalf. Ref Docs.

The problem is that the access token needed to create an online meeting expires in an hour.

Currently, I'm thinking of implementing a way to get an access token every time I create an online meeting, but I'd like to simplify this procedure, for example, by using a refresh token as long as my application works.

Can I get refresh tokens for my application in this way?

I'm planning to implement the following steps.

1. Get an access token

POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token HTTP/1.1  
Host: login.microsoftonline.com  
Content-Type: application/x-www-form-urlencoded  

client_id=MyAppClientID  
&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default  
&client_secret=MyAppClientSecretPassword  
&grant_type=client_credentials  

2. Create an online meeting

POST https://graph.microsoft.com/v1.0/me/onlineMeetings  
Content-Type: application/json  

{  
"startDateTime":"2019-07-12T14:30:34.2444915-07:00",  
"endDateTime":"2019-07-12T15:00:34.2464912-07:00",  
"subject":"User Token Meeting"  
}  

Best regards.


Accepted answer
  1. CarlZhao-MSFT 37,216 Reputation points
    2021-11-19T08:03:18.21+00:00

    OBO flow is not suitable for your work scenario; it is commonly used in calls between multiple services.

    The client credential flow you are using will not issue refresh tokens, but you can extend the lifetime of the access token by configuring the access token lifetime policy. However, the maximum lifetime of the token still cannot exceed 24 hours.

    So if you want to get a refresh token, the only way is to use the auth code flow or the ROPC flow.



